Welcome to
Information Security

The Information Security Office provides leadership to the RIT community in safeguarding the confidentiality, integrity and availability of RIT’s  information resources.

Learn more »

Are you the
Weakest Link

Get information on how to safely remove private information from your devices and stay protected. The chain of security is in your hands.

Learn more »

Guard your
Private Information

The Private Information Management Initiative (PIMI) seeks to identify and reduce the amount of private information found on RIT computers and storage devices.

Learn More »

Learn more
InfoSec About Us Lock + Cable
Sentinel - Standards and Policies
,
Learn about
Phishing

The ongoing evolution of digital communication also brings about the evolution of scammers and their methods. Phishing is one kind of such fraud, in which the attacker masquerades as a reputable individual or group, in order to trick users into revealing their private information. Check out our resources to learn how not be baited and reeled in!

Learn more »
 
 

Delivery Notification Scam

Submitted by apgiso on Fri, 04/19/2019 - 14:42

Delivery Notification Scam

Fake package delivery update emails are a form of phishing being used to install malware and steal personal information. These delivery emails appear to come from the U.S. Postal Service, UPS, FedEx, or another delivery service. Clicking a link in one of these emails can install malicious software on your device.

 

If you are unsure if a delivery notification is legitimate, do not click any links in the email or download any attachments. You can copy the tracking link and paste it into the delivery company’s website

 

How to Identify Fraudulent Delivery Notifications

  • Hover your cursor
    • ... ...

RIT Information Security Education--How to Know if You've Been Hacked

Submitted by sxmiso on Fri, 02/08/2019 - 14:16

Compromised accounts happen. Quick identification and response can reduce the harm done to your account and your personal information.

How to know if you’ve been hacked:

  • Your friends tell you. They’ve received a spammy or phishy e-mail from your email account, social media, messaging apps, or SMS.
  • Your phone tells you. Battery and data usage are higher than normal. Charges for premium SMS numbers show up on your bill.
  • Your merchants or bank tell you.You receive collection calls.
    • ... ...

RIT Information Security Alert: Important Security Notification Phishing Attempt

Submitted by awmiso on Sun, 01/14/2018 - 13:37

We’ve received a spear phishing attempt (a phish targeted at a specific population) claiming that there is a security emergency on campus. The email asks the reader to access a linked REPORT and follow protocol. If you encounter this phish, please just delete it.

Here’s the text from the phishing attempt:

--------------------------------

From: "Cullis, Barbara" <EMAIL ADDRESS>
Date: January 12, 2018 at 3:33:00 PM EST
To: Undisclosed recipients:;
Subject: Important Security Notification

Hello All,

There is a security emergency in Campus. Please go through REPORT released for update

and follow protocol.

---------------------------

What can I do to protect myself?

  • Be vigilant! Never respond to an email request for your username or
    • ... ...

RIT Information Security Alert--Patch the Flaw in MacOS High Sierra

Submitted by sxmiso on Mon, 12/04/2017 - 09:06

RIT Information Security Alert--Patch the Flaw in MacOS High Sierra

Why am I receiving this message?

Apple has released a patch today for a flaw disclosed on 28 November in the most recent version of its MacOS, High Sierra. The flaw allowed administrative access to attackers without requiring a password.

Please install the patch ASAP by opening the App Store app on your Mac, clicking Updates in the App Store toolbar, and then using the Update buttons to download and install any updates listed.

For More Information... ...

RIT Information Security Education--Avoiding Ransomware Attacks

Submitted by sxmiso on Mon, 10/23/2017 - 11:40

Ransomware is a type of malware designed to encrypt users’ files or lock their operating systems so attackers can demand a ransom payment. According to a 2016 Symantec report, the average ransom demand is almost $700 and “consumers are the most likely victims of ransomware, accounting for 57 percent of all infections between January 2015 and April 2016.”

How would I get ransomware?

Similar to a phishing attack, ransomware executes when a user is lured to click on an infected link or email attachment or to download a file... ...