Welcome to
Information Security

The Information Security Office at RIT is here to help! We offer resources and assistance to keep the campus community safe and secure from Internet and various other online threats.

Protect yourself from
Phishing

The ongoing evolution of digital communication also brings about the evolution of scammers and their methods. Phishing is one kind of such fraud, in which the attacker masquerades as a reputable individual or group, in order to trick users into revealing their private information. Check out our resources to learn how not be baited and reeled in!

Learn more »

Are you the
Weakest Link

Get information on how to safely remove private information from your devices and stay protected. The chain of security is in your hands.

Learn more »

Guard your
Private Information

The Private Information Management Initiative (PIMI) seeks to identify and reduce the amount of private information found on RIT computers and storage devices.

Learn More »

 
 

RIT Information Security Alert: Campus Notification Phishing Attempt

Campus Notification Phishing Attempt

RIT people are receiving an email masquerading as a Campus Notification sent from the RIT Message Center. The message originated from off campus and includes a link to a non-RIT address. Clicking on the link will take you to the phishing site.

 

Here is the phishing email:

 From: "RIT Message" <k.milne-15@student.lboro.ac.uk> Date: Apr 10, 2017 5:55 PM Subject: Campus Notification To: <RIT ADDRESSEE> CC: Hi there, You have an important campus notification Follow the link to read the notification Campus Notification Thank you, RIT Campus Notification, 

How do I know this is... ...

RIT Information Security Alert: Drop Box and "Confirm Your Account" Phishing Attempts

"Confirm Your Account" Phishing Attempts

The phishing attacks have broadened to include a Drop Box associated phish and a simulated RIT Information Security Alert. Both phishes include links to compromised non-RIT websites. 

 

Drop Box Phish

From: Drop Box* <sdinatale@tampabay.com>

You have *1 new important document as of April 04, 2017 which is listed below along with the action that can be taken. You can view or download you documents by visiting preview or download page. Happy Dropboxing! 

- The Dropbox Team

P.S. Learn how to protect your account.

 

Simulated RIT Information Security Alert Phish

Subject: RIT... ...

RIT Information Security Alert: Recognizing that You're Really at myinfo.rit.edu

RIT users continue to be targeted in a phishing attack that masquerades as important messages to employees. The links provided in the email messages closely resemble our myinfo page, but there are a couple of indications that you’ve gone to a spoofed page.

Recognizing the Real RIT myinfo Page

 

Legitimate Site Indications

In the Address Bar: look for the following (from the left):

RIT Information Security Alert: Important Message from Faculty/Staff Phishing Email

RIT users are again being targeted in a phishing attack that masquerades as important messages to employees. The links provided in the email messages resemble our myinfo page.

Here’s one of the variants below. You’ll note that although the end of the link is myinfo.rit.edu, the first part of the link is to a compromised WordPress site. Clicking on that link would take you to the website that mimics myinfo.rit.edu, not to the RIT site. 

------------------------------------------------------------------------------------------------------------------------------------

From: Rochester Institute of Technology [mailto:noreply@rit.edu]

Sent: Tue 3/28/2017 1:15 PM

Subject: Important message from RIT Faculty/Staff

Dear Employee:
You have new important message... ...

Avoid Questionable Mobile Apps

Avoid Questionable Mobile Apps

It is important to make sure a Mobile App is reliable before downloading it. Detecting malicious apps is not always easy, but there are a few steps you should take before downloading an app.

One in every five people in the world own a smartphone according to a 2013 report in Business Insider and with the significant growth of smartphone usage, the issues surrounding mobile security have also grown. 

Android users have the highest risk of downloading malicious apps.  Researchers at Kaspersky found over 200,000 samples of mobile malware at the Google Play store and additional... ...