Category: Security Awareness
-
Public O365 Groups, Teams, Sharepoint
As of 11/20/2023 any Office 365 Group, Team or Sharepoint site that has visibility set to Public will be changed to Private due to the risk of accidental exposure of confidential data and other unintended consequences (e.g., unauthorized data modification) If you would like assistance with using Office 365 for secure document storage and collaboration, please consult with your departmental IT or help.unc.edu to review… Read More about Public O365 Groups, Teams, Sharepoint.
-
Research Position Scam
Key Takeaways Always be suspicious of unsolicited emails. A UNC employee or department should never advertise a job via a non-UNC email address. Student work opportunities are posted at https://studentwork.unc.edu/students/finding-job/ and UNC job opportunities are posted at https://hr.unc.edu. For external organizations, use their official website to find job postings. Closely inspect the From field and the External label (i.e., “You don’t often get email from…”) for… Read More about Research Position Scam.
-
National Cybersecurity Awareness Month: Phish Resistant MFA
Key Takeaways: UNC is rolling out Phishing-Resistant MFA through the CarolinaKey initiative. Setting up CarolinaKey will increase your security posture and reduce the number of times you have to type a password + approve an MFA push. You are 99% less likely to get hacked if your account uses MFA. Enable MFA wherever it is available, especially your personal email and financial services. Any MFA… Read More about National Cybersecurity Awareness Month: Phish Resistant MFA.
-
National Cybersecurity Awareness Month: QR Code Scams and Phishing
October is Cybersecurity Awareness Month. All month long, ITS News will highlight how ITS — and you — keep the University safe. In this guest post, Drew Trumbull with the Information Security Office, shares how malicious actors are using QR codes for scams and phishing campaigns. Check out all Cybersecurity Awareness Month events, or for year-round tips on staying cybersafe, visit Safe Computing at UNC…. Read More about National Cybersecurity Awareness Month: QR Code Scams and Phishing.
-
National Cybersecurity Awareness Month: AI and Machine Learning as a Function of Security
October is Cybersecurity Awareness Month. All month long, ITS News will highlight how ITS — and you — keep the University safe. In this guest post, Josh Jenkins with the Information Security Office, shares how machine learning technologies are changing cyber and physical security. Check out all Cybersecurity Awareness Month events, or for year-round tips on staying cybersafe, visit Safe Computing at UNC. The integration… Read More about National Cybersecurity Awareness Month: AI and Machine Learning as a Function of Security.
-
National Cybersecurity Awareness Month 2023 Events
It’s almost time for Cybersecurity Awareness Month! The Information Security Office, in partnership with UNC School of Medicine IT and the ITS Service Desk, is planning a full month of activities, events and content. Read the full story HERE. Pencil in these dates and stay tuned for more details: October 2, swing by Polk Place for a student-focused tent event, featuring “evil” Wi-Fi, a possible… Read More about National Cybersecurity Awareness Month 2023 Events.
-
National Cybersecurity Awareness Month: SecOps and IR Table
October marks National Cybersecurity Awareness Month. This page was created as a handout to introduce the Security Operations and Incident Response (SecOps & IR) pillars within the UNC Information Security Office. What is SecOps & IR at UNC? The goals of the SecOps & IR Team are to: Prepare the UNC environment to withstand cybersecurity threats: stop incidents before they occur. Identify cybersecurity incidents when… Read More about National Cybersecurity Awareness Month: SecOps and IR Table.
-
Fake UNC Job Scam
There have been multiple reports of scam phishing emails soliciting applications for a Research Assistant position. An example is shown below with the impersonated Professor and scammer’s contact information removed. Here are a few ways to spot the phish The display name in the From field does not match the email address. Why is the UNC Professor not using their UNC Email Address for this communication… Read More about Fake UNC Job Scam.
-
Tech Support Scam and Browser Lock
There have been several reports of Tech Support Scams that begin with a “Browser Lock” pop-up malware notification that opens in full screen view, making it difficult to close. The pop-up displays a telephone number to call which will lead to the scammer directing you to setup remote screen sharing access through a tool such as teamviewer or logmein. From there the scammer will try… Read More about Tech Support Scam and Browser Lock.
-
DocuSign Themed Phishing
We’ve recently seen a number of DocuSign themed phishing messages targeting UNC email inboxes. DocuSign provides guidance on How DocuSign Users Can Spot, Avoid and Report Fraud. Here are some key takeaways: Who sent the email? Legitimate DocuSign messages should come from an email address that ends with DocuSign.com or DocuSign.net. Hover to discover! Always check where a link goes before clicking by hovering your… Read More about DocuSign Themed Phishing.