Tag: Security Awareness

#SecureTheSeason: Don’t Let Scammers Steal Your Holiday Spirit

Holiday Online Shopping & Scam Awareness for the SMU Community

An illustration of a blue snowflake with a padlock cut out of its shapeThe holiday season brings joy, celebration, and—unfortunately—an annual spike in online scams. With shopping, travel, and donation requests at their peak, cybercriminals ramp up their efforts to trick busy students, faculty, and staff with too-good-to-be-true deals, fake charity solicitations, and realistic phishing emails. Continue reading #SecureTheSeason: Don’t Let Scammers Steal Your Holiday Spirit

You Have a New Voicemail… Or Do You? What Our Phishing Campaign Revealed

a red anglerfish with a key instead of a light with a no symbol across itIn October, SMU launched a simulated phishing campaign that targeted faculty, staff, and students. The simulations weren’t designed to “catch” anyone but were intended to reinforce security habits and to create an experience that could be learned from. Let’s dive into the message and see what exactly made this a “phish.” Continue reading You Have a New Voicemail… Or Do You? What Our Phishing Campaign Revealed

Don’t Get Hooked: Phishing Simulations Coming Soon

a red anglerfish with a key instead of a light with a no symbol across itThis October, SMU is rolling out a series of initiatives as part of Cybersecurity Awareness Month to help students, faculty, and staff stay safe online — both on campus and at home.

As part of these efforts, the Information Security team will launch phishing simulations designed to help our community recognize and avoid email-based scams. These simulations aren’t about “catching” anyone — they’re a chance to practice spotting red flags and build habits that protect you and our university. Continue reading Don’t Get Hooked: Phishing Simulations Coming Soon

Duo Verified Push Starts Today

Starting today, SMU requires a Verified Push from Duo Security when accessing the majority of SMU services protected with Duo multi-factor authentication (MFA).

Cisco Duo Logo (2 color)Malicious actors have taken advantage of push harassment and fatigue to exploit weaknesses in security features. To combat this nuisance, the new Verified Push requires you to enter a six-digit numeric code with any push notification. By using a verification code, we ensure only verified users can log in and reduce the chances of someone absent-mindedly accepting a push they did not request. The Verified Push will increase the protection of our MFA solution and help protect your accounts from unauthorized access. Continue reading Duo Verified Push Starts Today

Protect Yourself: Fighting MFA Fatigue

MFA FatigueLast week, OIT notified the campus of a successful phishing campaign targeting the SMU community. In this campaign, we noted that cybercriminals had begun using a new technique where they repeatedly send Duo requests to users who have shared their username and password to annoy users into approving the two-factor request.

This technique, referred to as “MFA fatigue,” has become increasingly common, and over the next several weeks, OIT will begin implementing measures to combat this trend. In the meantime, we recommend you take the following actions if you notice something suspicious: Continue reading Protect Yourself: Fighting MFA Fatigue

IT Connect is published by the Office of Information Technology at Southern Methodist University.


Office of Information Technology
Copyright © Office of Information Technology, SMU
smu.edu/help  | 214.768.HELPhelp@smu.edu