Email Phishing Simulations to Come Back this Fall

AnitPhish (Anti-Phishing Campaign)Phishing attempts – email messages sent by hackers pretending to be your friends, coworkers, or trusted companies – have wreaked havoc across the Internet for years. These messages try to lure you into revealing personal info like passwords and financial information, and their alarmist tone can be deceiving.

Over the past few years, SMU has worked to make people more aware of these phishing attempts by sending simulated phishing emails. For those falling victim to the phishing attempts Continue reading Email Phishing Simulations to Come Back this Fall

Anti-Phishing Campaign Expands to Student Accounts

AnitPhish (Anti-Phishing Campaign)After the success of our anti-phishing campaigns sent to faculty and staff, the OIT Security team will soon be expanding this program to the student body to continue to educate as many in the community as possible about what to look for in suspicious e-mails.

Phishing is one of the most common ways that criminals use to obtain your login credentials or other personal information to wreak havoc. By learning what to expect in these messages, you can get rid of them quickly instead of getting tricked! Students can expect these anti-phishing campaign messages to be sent out starting this week.

Continue reading Anti-Phishing Campaign Expands to Student Accounts

E-mail Phishing Simulations Return

AnitPhish (Anti-Phishing Campaign)Phishing attempts – email messages sent by hackers pretending to be your friends, coworkers, or trusted companies – have wreaked havoc across the Internet for years. These messages try to lure you into revealing personal info like passwords and financial information, and their alarmist tone can be deceiving.

Over the past few years, SMU has worked to make people more aware of these phishing attempts by sending simulated phishing emails. For those falling victim to the phishing attempts Continue reading E-mail Phishing Simulations Return

New gift card phishing scam using fake supervisor email addresses

As we begin the Spring semester, we would like to remind you to be diligent in watching for phishing emails. Over the last several weeks, OIT has been notified by a number of faculty and staff members who have received messages that appear to come from supervisors. The email will urgently request that the individual purchase a gift card (Walmart, iTunes, etc.). The emails have used an external email address like supervisors.name@gmail.com instead of their SMU email address.

The phisher will request that the gift card numbers and pin need to be emailed or texted to the supervisor. These scammers do their research to get the name of the boss and details of his/her employees. Tracing their source is very difficult.

Don’t be fooled!

Below is the sample email exchange in chronological order. Never comply with a request like this and always confirm either in person or with a phone call with the supervisor to make sure this is not a scam. In the example exchange below, Sally ABC is the chair of the Alternative History department of “univ.edu” and was spoofed by the bad guys. Dave XYZ is Sally ABC’s personal assistant.

From: Sally ABC<sally.abc@gmail.com>
To: Dave XYZ <dxyz@univ.edu>
Subject: Respond
There is something I need you to do. Can you get this done ASAP? I need couple of Walmart gift cards (worth $100) for some a giveaway for a student club. Please get the physical card from the store. I need to send them out in less than an hour. When you get the cards, scratch out the back to reveal the card codes, and email me the codes.
I am going into a meeting now with limited phone calls, so just reply my email.
Sally ABC
Sent from my iPad
-----------------------------
Subject: Re: Respond
From: Dave XYZ <dxyz@univ.edu>
To: Sally ABC<sally.abc@gmail.com>
Sally,
Find below the codes below:
Xxxxx 12234 xxxyyy
Abcde 12345 12344
Sent from my iPhone
------------------------

If you have any questions, please feel free to contact the IT Help Desk at 214.768.HELP (4357) or at help@smu.edu.

Protecting Campus from Malware with Machine Learning

CylanceCylancePROTECT was introduced to the SMU campus in 2016 as a way to further secure SMU systems against viruses and malware. As the University became regularly inundated with malicious files, employees could not be expected to keep up with the volume and complexity of these new threats. As the threats evolved, so did our method of protection – machine learning. Continue reading Protecting Campus from Malware with Machine Learning