Recent IT Security Alerts

    Major Equifax Cyber Attack Impacting 143 Million Americans
    Sep 11, 2017:

    Equifax (one of the major consumer credit reporting agencies) reported on Thursday, 9/7/2017, that hackers gained access to company data which potentially compromised sensitive information for 143 million American consumers. The compromised consumer data includes name, address, birthdate, Social Security numbers, and driver's license numbers. Learn how to protect yourself

    Printer Model/Toner Social Engineering Scam
    Jul 24, 2017:

    University staff members are reporting they have received phone calls from outside entities requesting printer model numbers.  The “vendor” will ship toner and printer supplies to any departments that disclose this information.  This will result in a large outstanding invoice and the vendor demanding payment because they were given verbal consent for the products shipped.  Please make departmental staff aware of this situation.  Follow our best practices to prevent being a victim of these scams.

    Watch out for Malicious Apps Posing as Virus Scanners!
    Jun 16, 2017:

    A cybersecurity firm discovered several apps related to WannaCry ransomware in the Google Play Store for Androids and in Apple’s App Store. Another hundred fraudulent antivirus apps were also discovered on digital markets. In order to keep your device safe, be sure to only download software from reputable developers and check the app description for grammatical errors, things out of place and user reviews.

    Chipotle Mexican Grill Reports Payment Card Security Incident
    May 31, 2017:

    Chipotle Mexican Grill worked in conjuction with law enforcement, payment card networks and cyber security firms to investigate a payment card security incident reported on April 25, 2017. The investigation uncovered malware designed to access payment card data from cards used on point-of-sale (POS) devices at certain Chipotle restaurants between March 24, 2017 and April 18, 2017. The malware searched for track data (which sometimes has cardholder name in addition to card number, expiration date, and internal verification code) read from the magnetic stripe of a payment card as it was being routed through the POS device. Both Columbia, MO restaurants have been identified as locations infected between March 24, 2017 and April 18, 2017. If you believe you have used a payment card at either location during this timeframe, please be vigiliant when reviewing your charge statements and report any unauthorized charges immediately. For more information, visit https://www.chipotle.com/security

    Google Docs Phishing Scam: What We Know
    May 04, 2017:

    On May 3rd, 2017, news outlets and social media sites were reporting a phishing scam surrounding fake “Google Doc” emails. Learn more!

    Apple releases iOS Update to Remedy WiFi Problems
    Apr 19, 2017:

    A security update was made available for a variety of iPhone, iPad and iPod Touch devices after seeing that attackers within range were able to execute code on a WiFi chip. This update improved input validation, and is available for consumers now. More Info: Apple Security Content of iOS 10.3.1

    Update LastPass NOW to Protect Your Passwords!
    Apr 19, 2017:

    LastPass, a password manager tool, recently fixed a major security flaw that allowed hackers to steal your passwords and manipulate your account. Users should make sure to update to the most recent verison of the software in order to secure their passwords and other account information. More Info: FAQs about the attack

    Social Engineering Attacks hit Google Maps
    Apr 19, 2017:

    Thousands of fake listings are added to Google Maps each month, and these listings direct users to fake websites that either sell fake or overpriced services. This was popular in larger metropolitan areas like NYC, Chicago or LA, because people would go on Google Maps to find a service and then get re-directed to the website of a fake business…or would call the phone number of a fake business. Google says it has reduced its amount of abusive listings by 70% since June 2015 (peak period).

    Be Careful with Attachments in Your Emails!
    Apr 19, 2017:

    A vulnerability was discovered in Microsoft Word that allowed for zero-day attacks to infect computers with malware through Word-document email attachments. When the attachments are opened, a fake word document is opened while malware is installed on the victim’s computer system. The attack only targeted a limited number of victims, but users should “be wary of documents received from untrusted sources and should enable the Office Protected View mode because it can block this attack.”

    Employment Opportunity Scam
    Jan 23, 2017:

    There is an elaborate employment opportunity scheme currently underway which is targeted towards college students.  Learn more!

    Ho, Ho, NO! Don’t let online deals become cyber steals!
    Dec 16, 2016:

    While this time of year brings out kindness and joy, make sure that you don’t fall for a criminal’s latest ploy!

    Tracking Number Email Scams Target Online Shoppers
    Dec 15, 2016:

    This holiday season don't take the bait! Many shipping carriers have experienced phishing scams targeting consumers. Subject lines often include tracking numbers, and the emails can contain a fake notice from the carrier with attachments and links. Be aware, the attachments and links can contain viruses! Do not give away any personal information. Delete the message immediately. For more information on scams carriers are seeing, visit the FedEx and UPS guides.

    Social Engineering and Phishing Scam Affect LinkedIn Users
    Nov 28, 2016:

    A new social engineering scam is using phishing emails that appear to be from LinkedIn. The phony email claims there's a security issue with the user's LinkedIn account and requests personal information. It informs recipients that it's a "precautionary measure to defend you", but prompts users to provide the information in 24 hours or their accounts will be terminated.  

    Yahoo ‘expected to confirm massive data breach’, says Recode
    Sep 22, 2016:

    Yahoo is poised to confirm a massive data breach of its service, according to several sources close to the situation, hacking that has exposed several hundred million user accounts.

    When virtual meets reality: Pokémon GO is a real world adventure with real-life risks
    Jul 21, 2016:

    The game itself is free of charge, but some of the associated risks can be very costly. Follow our tips to stay Poké-Safe!