News

RIT Information Security Alert: Important Security Notification Phishing Attempt

We’ve received a spear phishing attempt (a phish targeted at a specific population) claiming that there is a security emergency on campus. The email asks the reader to access a linked REPORT and follow protocol. If you encounter this phish, please just delete it.

Here’s the text from the phishing attempt:

--------------------------------

From: "Cullis, Barbara" <EMAIL ADDRESS>
Date: January 12, 2018 at 3:33:00 PM EST
To: Undisclosed recipients:;
Subject: Important Security Notification

Hello All,

There is a security emergency in Campus. Please go through REPORT released for update

and follow protocol.

---------------------------

What can I do to protect myself?

  • Be vigilant! Never respond to an email request for your username
  • ... ...

RIT Information Security Alert--Patch the Flaw in MacOS High Sierra

Why am I receiving this message?

Apple has released a patch today for a flaw disclosed on 28 November in the most recent version of its MacOS, High Sierra. The flaw allowed administrative access to attackers without requiring a password.

Please install the patch ASAP by opening the App Store app on your Mac, clicking Updates in the App Store toolbar, and then using the Update buttons to download and install any updates listed.

For More Information... ...

RIT Information Security Education--Avoiding Ransomware Attacks

Ransomware is a type of malware designed to encrypt users’ files or lock their operating systems so attackers can demand a ransom payment. According to a 2016 Symantec report, the average ransom demand is almost $700 and “consumers are the most likely victims of ransomware, accounting for 57 percent of all infections between January 2015 and April 2016.”

How would I get ransomware?

Similar to a phishing attack, ransomware executes when a user is lured to click on an infected link or email attachment or to download a file... ...

Single Sign-on now required for accessing Oracle/myInfo/myBiz accounts: Multi-factor authentication available

Dear Faculty, Staff, and Student Employees:

As of today, October 23rd, you will need only your RIT account to log into the Oracle myinfo/mybiz applications. You will no longer use your Oracle username and password!

In addition, Multi-factor authentication is now available and will be required when logging in to the Oracle Apps as of December 5th.

Multi-Factor Authentication (MFA) is a way of ensuring that only you are able to access your accounts on specific applications. MFA requires you to provide another “factor” (such... ...

RIT Information Security Education--How to Know if You've Been Hacked

Compromised accounts happen. Quick identification and response can reduce the harm done to your account and your personal information.

How to know if you’ve been hacked:

  • Your friends tell you. They’ve received a spammy or phishy e-mail from your email account, social media, messaging apps, or SMS.
  • Your phone tells you. Battery and data usage are higher than normal. Charges for premium SMS numbers show up on your bill.
  • Your merchants or bank tell you. You receive collection calls.
  • ... ...

RIT Information Security Alert—Payroll message! Phish

Why am I receiving this message?

Many RIT faculty, staff, and students have received an email masquerading as an important message regarding 2017 payroll.

Sample Phishing Email

-----------------------------------------

From: myRIT <Sender email address>
Date: Mon, June 26, 2017 at 6:06 PM
Subject: Payroll message!
To: recipient email address

1 New Notification Regarding Your 2017 Payroll

http://www.rit.edu/h/payroll/2017/f0rms.pdf <The original link goes to a page that looks like an RIT login page. We’ve replaced it.>

University of Florida.

-----------------------------------------... ...

RIT Information Security Alert--Campus Notification Phishing Attempt

RIT people are receiving an email masquerading as a Campus Notification sent from the RIT Message Center. The message is originating from off campus and includes a link to a non-RIT address. Clicking on the link will take you to the phishing site.

Here’s the phishing email:

-------------------------------------------------------------------------------

From: "RIT Message" <k.milne-15@student.lboro.ac.uk>
Date: Apr 10, 2017 5:55 PM
Subject: Campus notification
To: <RIT ADDRESSEE>
Cc:

Hi there,

You have an important campus notification Follow the link to read the notofication

Campus notification

Thank you.

RIT Campus Notification,... ...

RIT Information Security Alert--Memo from HR Department Phishing Attempt

Here’s the phishing email:

-------------------------------------------------------------------------------

From: John Daniel <offsiteaddress>

Subject: Memo from HR Department
To: <RIT ADDRESSEE>

Greetings,

You have a message from the Human Resources Department.

Click here to view your message <Link goes to spoofed Outlook Web Access page>

Copyright © 2017. All rights reserved.

------------------------------------------------------------

How do I know this is a phishing attempt?

  • The days of looking at an email and knowing immediately that it's a phishing attempt
  • ... ...

RIT Information Security Advisory: Stealthy Word-wire Cyberattack

Cybersecurity firms are warning of an additional attack that targets the same vulnerabilities targeted by the WannaCry ransomware. Unlike WannaCry, this is not a ransomware attack. Instead the attackers take control of your computer and use it to mine virtual currency (cryptocurrency).

The issue for you is that even though the attackers haven’t yet encrypted your files and demanded a ransom, they’re still able to do that at any time, and they also have access to all files stored on your computer. You MAY notice a slowdown in how fast your computer runs or be unable to access specific resources.... ...

RIT Information Security Alert: Preparing for WannaCry and Other Ransomware Attacks

We’ve seen many reports about the WannaCry ransomware attack that has been hitting computers worldwide. Although a researcher was fortunate enough to accidentally stop the initial wave of attacks, recent reports indicate that the attackers will be launching a new round of attacks. Researchers suspect that initial infections may have occurred through phishing attacks. The WannaCry ransomware itself is propagating as a worm through networks worldwide. Worms prey on vulnerabilities in unpatched computers. NO USER INTERACTION needs to occur to be infected.

Ransomware is malicious software that encrypts a victim’s hard drive and then demands that a ransom be paid... ...