Protect Yourself: Fighting MFA Fatigue

MFA FatigueLast week, OIT notified the campus of a successful phishing campaign targeting the SMU community. In this campaign, we noted that cybercriminals had begun using a new technique where they repeatedly send Duo requests to users who have shared their username and password to annoy users into approving the two-factor request.

This technique, referred to as “MFA fatigue,” has become increasingly common, and over the next several weeks, OIT will begin implementing measures to combat this trend. In the meantime, we recommend you take the following actions if you notice something suspicious: Continue reading Protect Yourself: Fighting MFA Fatigue

Cyber Wellness Program Helps SMU Community Discover Its Strengths

Cybersecurity Wellness ProgramLast October, SMU offered employees the option of participating in a pilot of our first-ever Cyber Wellness Program. The Cybersecurity Wellness Program is based on the award-winning book, Well Aware: Master the Nine Cybersecurity Habits to Protect Your Future by SMU’s CSO, George Finney. Well Aware helps make security easy by making security a habit.

As we all should now realize, cybersecurity is critical for success in our modern world, and learning to master your cybersecurity habits will not only help you to protect your company and your career but also your family and your future.

The nine cybersecurity habits are Continue reading Cyber Wellness Program Helps SMU Community Discover Its Strengths

New gift card phishing scam using fake supervisor email addresses

Anti-Phishing LogoAs we begin the Spring semester, we would like to remind you to be diligent in watching for phishing emails. Over the last several weeks, OIT has been notified by a number of faculty and staff members who have received messages that appear to come from supervisors. The email will urgently request that the individual purchase a gift card (Walmart, iTunes, etc.). The emails have used an external email address like supervisors.name@gmail.com instead of their SMU email address.

The phisher will request that the gift card numbers and pin need to be emailed or texted to the supervisor. These scammers do their research to get the name of the boss and details of his/her employees. Tracing their source is very difficult.

Don’t be fooled!

Below is the sample email exchange in chronological order. Continue reading New gift card phishing scam using fake supervisor email addresses