Alerts and Advisories

RIT Information Security Alert--Job Scams!

RIT Information Security Alert--Job Scams!

... ...

RIT Public Safety contacted the Information Security Office about a recent job scam that has victimized RIT students. The students encountered the scam through what appeared to be an authentic job listing in the RIT Job Zone. (Note that the RIT Job Zone, like most college and university job boards, is administered by a third party.)

Why I’m Receiving This

RIT Students have fallen victim to a scam. We want to help you identify future scams.

RIT Information Security Alert--Account Update Spear Phishing Attacks

RIT Information Security Alert--Account Update Spear Phishing Attacks

Why am I receiving this message?

RIT users have received account update phishing attempts masquerading as official RIT email.

If you've received messages with the Subject Line: RE: Outlook Account Update or Account Update, please delete them. The messages read as follows, 

RIT Information Security Alert: Important Message Phish

RIT Information Security Alert: Important Message Phish

 

RIT email users have received another phishing attack that mimics an RIT official message. PLEASE DON'T CLICK ON THE LINK AND PROVIDE YOUR INFO! You'll receive many of these phishing attempts throughout the academic year. We won't be able to warn you about all of them.

If you've received a message with the Subject Line: RIT: Important... ...

RIT Information Security Alert: Phishing Attacks Targeting RIT

RIT Information Security Alert: Phishing Attacks Targeting RIT

 

1. RIT community members are receiving requests to provide University Identification Numbers (UIDs). The attackers are posing as RIT community members who have forgotten their UIDs. The messages are being sent from external email addresses that mimic the RIT email addresses. (For example, STUDENTADDRESS@gmail.cominstead of STUDENTADDRESS@rit.edu.) Here’s an example of an attack message received:

... ...

RIT Information Security Alert: Your Password Will Expire Soon Phishing Attacks

Information Security Alert: Your password will expire soon phishing attacks We wanted to provide information about this phishing attack because we have seen several RIT people falling for it. You need to stay alert on this type of attack to make sure it doen't happen to you.

Information Security Alert: Change your RIT Password and Heartbleed Follow Up

Information Security Alert: Change your RIT Password and Heartbleed Follow Up We wanted to provide an update on the Heartbleed situation and remind you to change your RIT passwords. The Heartbleed bug has been widely reported and will require action on your part.

Information Security Alert: Heartbleed bug may have exposed your passwords

Information Security Alert: Heartbleed bug may have exposed your passwords

 

Why am I receiving this message?

As you may have heard in the news, a major worldwide vulnerability has been discovered that may affect 2/3 of the websites on the internet.

  • Heartbleed bug—there is a flaw in versions of OpenSSL that

  • ... ...

RIT Information Security Alert: Phishing attacks targeting RIT!

RIT Information Security Alert -- Phishing Attacks Targeting RIT

Why am I receiving this message?

A number of RIT computer users are clicking on links and supplying passwords in response to messages that may appear to be official RIT communications. There are several phishing attempts circulating around RIT. Here are a couple of them with hints on how to recognize that they're phishing attempts.

Phish #1

undefined

Phish #2

undefined... ...

RIT Information Security Alert -- Ransomware Attack

RIT Information Security Alert -- Ransomware Attack

 

 

Why am I receiving this message?

RIT computers have been attacked with CryptoLocker ransomware. Ransomware is malware that encrypts contents of your computer and then demands a payment in order to receive the decryption key and retrieve the data. Ransomware has been around for a couple of years now, but there's been a spike in activity over the last week, and yesterday, a couple of RIT computers were infected.

How do I protect myself against a ransomware attack?

... ...

RIT Information Security Alert--Phishing Season is Still Open!

RIT Information Security Alert- Phishing Season is Still Open!

Why I’m Receiving This?

RIT continues to receive a number of phishing attacks. One current phishing attack is disguised as an email from the Helpdesk and references a pending upgrade. This one is pretty generic, although the attacker has apparently harvested RIT email addresses:

How do I know these are phishing attempts?

  • We didn't include the addressees in the screenshot above, but
  • ... ...