Alerts and Advisories

Cyberattack on RIT Continues

The cyberattack on RIT and our users (you) by cybercriminals continues. The attack vectors and file names and types are changing rapidly. We’ll provide more information below on what we know so far, but we need you to do the following:

  • If you receive an email with an unexpected attachment or link, verify with the sender BEFORE opening the attachment or clicking on the link. Your colleague’s account may be compromised. The malicious email may come from them.
  • If you notice that you're receiving many undeliverable messages/bouncebacks in your email, change your password and contact your service desk.
  • Please submit suspected phishing/spam by creating a
  • ... ...

Cyberattack on RIT—RIT Information Security Alert

Cyberattack on RIT

We’re not trying to sound overly dramatic, but we need you to read this alert and take action (and tell your colleagues and fellow students).

RIT and our users (you) are currently under attack by cybercriminals. We’ll provide more information below, but we need you to do the following:

  • If you receive an email with an unexpected attachment or link, verify with the sender BEFORE opening the attachment or clicking on the link. Your colleague’s account may be compromised. The malicious email may come from them.
  • Please submit suspected phishing/spam by creating a new mail note to spam@rit.edu and attaching the suspicious
  • ... ...

RIT Information Security Alert--Job Scams!

RIT Information Security Alert--Job Scams!

... ...

RIT Public Safety contacted the Information Security Office about a recent job scam that has victimized RIT students. The students encountered the scam through what appeared to be an authentic job listing in the RIT Job Zone. (Note that the RIT Job Zone, like most college and university job boards, is administered by a third party.)

Why I’m Receiving This

RIT Students have fallen victim to a scam. We want to help you identify future scams.

RIT Information Security Alert--Account Update Spear Phishing Attacks

RIT Information Security Alert--Account Update Spear Phishing Attacks

Why am I receiving this message?

RIT users have received account update phishing attempts masquerading as official RIT email.

If you've received messages with the Subject Line: RE: Outlook Account Update or Account Update, please delete them. The messages read as follows, 

RIT Information Security Alert: Important Message Phish

RIT Information Security Alert: Important Message Phish

 

RIT email users have received another phishing attack that mimics an RIT official message. PLEASE DON'T CLICK ON THE LINK AND PROVIDE YOUR INFO! You'll receive many of these phishing attempts throughout the academic year. We won't be able to warn you about all of them.

If you've received a message with the Subject Line: RIT: Important... ...

RIT Information Security Alert: Phishing Attacks Targeting RIT

RIT Information Security Alert: Phishing Attacks Targeting RIT

 

1. RIT community members are receiving requests to provide University Identification Numbers (UIDs). The attackers are posing as RIT community members who have forgotten their UIDs. The messages are being sent from external email addresses that mimic the RIT email addresses. (For example, STUDENTADDRESS@gmail.cominstead of STUDENTADDRESS@rit.edu.) Here’s an example of an attack message received:

... ...

Information Security Alert: Change your RIT Password and Heartbleed Follow Up

Information Security Alert: Change your RIT Password and Heartbleed Follow Up We wanted to provide an update on the Heartbleed situation and remind you to change your RIT passwords. The Heartbleed bug has been widely reported and will require action on your part.

Information Security Alert: Heartbleed bug may have exposed your passwords

Information Security Alert: Heartbleed bug may have exposed your passwords

 

Why am I receiving this message?

As you may have heard in the news, a major worldwide vulnerability has been discovered that may affect 2/3 of the websites on the internet.

  • Heartbleed bug—there is a flaw in versions of OpenSSL that

  • ... ...

RIT Information Security Alert: Phishing attacks targeting RIT!

RIT Information Security Alert -- Phishing Attacks Targeting RIT

Why am I receiving this message?

A number of RIT computer users are clicking on links and supplying passwords in response to messages that may appear to be official RIT communications. There are several phishing attempts circulating around RIT. Here are a couple of them with hints on how to recognize that they're phishing attempts.

Phish #1

undefined

Phish #2

undefined... ...