Information Security

The Health IT Information Security Office is dedicated to protecting the integrity of student, research, client, and patient data through implementing best industry standards and promoting user awareness. Staff receives specialized training to effectively secure the technical environment to meet FERPA, HIPAA, NIST, as well as several other federally implemented standards.

The team works in conjunction with the university Information Security Office, Health Affairs Legal Office, and technical teams to strategize efforts across all environments; implementing new technologies, vendor review, policy development, and incident response.

Latest News

4.26.23 – Multi-Factor Authentication Coming Soon for Webcourses Access

Submitted by: Matthew Fitzgerald, Deputy Chief Information Security Officer
Submitted For: David Zambri, Chief Information Security Officer and Assc. VP
Subject: Multi-Factor Authentication Coming Soon for Webcourses Access

As part of the University’s ongoing efforts to enhance the security of our network and academic data, we will add Multi-Factor Authentication (MFA) protection for all faculty, staff and students to access their Webcourses accounts.

The new requirements will go into effect starting May 8. Faculty and staff who have volunteered to participate in the ‘Passwordless Authentication’ pilot program will be prompted to use Microsoft Authenticator for Webcourses. Additional information will be communicated to this group in the coming month.

All others will use DUO MFA to sign into Webcourses– the same Multi-Factor Authentication (MFA) app used to sign into Workday, MyUCF and other applications.

What do you need to do? If you are not a DUO user and are not currently enrolled in the ‘Passwordless Authentication’ pilot program, please use this DUO MFA Knowledge Base Article to register a device for MFA use: https://ucf.service-now.com/ucfit?id=kb_article&sys_id=00ba24941b8b05106f0ee3fb234bcb39

-=-=-=
UCF Information Security Office
https://infosec.ucf.edu | https://twitter.com/UCF_InfoSec | infosec@ucf.edu

UCF will never send email messages asking you to respond and provide personal information, login credentials, or passwords via email. You are not required, nor does UCF encourage or recommend providing your passwords and/or other secret login credentials to anyone claiming to represent UCF. Never reply to unsolicited email messages requesting your password, credentials, or other confidential information and never share your password with anyone. Regard all unsolicited messages with extreme caution and alert the Security Incident Response Team at mailto:sirt@ucf.edu if a message appears suspicious.

4.28.22 – UCF InfoSec Advisory – Gift Card Scams

Submitted by: Thierry Lechler, Information Security Professional III

Submitted for: David Zambri, Chief Information Security Officer & Associate Vice President

Subject: UCF InfoSec Advisory – Gift Card Scams

The Information Security Office has seen an increase in the number of reported gift card scams targeting UCF employees. In many cases, the email impersonates a UCF employee or supervisor.

While the sender information and message content may vary, the scam generally follows the same pattern of multiple stages. The initial email is intentionally vague and very brief. Once the UCF employee responds, the scammer then provides more details in several additional emails. Often, these emails request that gift cards be purchased for a special event, with the promise of reimbursement later.

Pay close attention to the sender’s email address when receiving an unexpected email. If the sender claims to be a UCF employee but the email address is from a third party (Gmail, yahoo, or anything other than ucf.edu) it’s most likely a scam. For more information about phishing emails and how to spot and report them, visit our Phishing Awareness page, please copy and paste this link into your browser: https://infosec.ucf.edu/phishing.

Report emails asking you to purchase gift cards on behalf of another UCF employee by clicking the Phish Alert button on the Outlook ribbon. It is recommend not replying to the sender. Remember to treat gift cards as cash, and never send pictures of cards and their codes via email.

To visit the Information Security Office website, please copy and paste this link into your browser: https://infosec.ucf.edu or contact us at mailto:infosec@ucf.edu if you have any questions.

———————

UCF will never send messages asking you to respond and provide personal information, login credentials, or passwords via email. You are not required, nor does UCF encourage or recommend providing your passwords and/or other secret login credentials to anyone claiming to represent UCF. Never respond to unsolicited email messages requesting your password, credentials, or other confidential information and never share your password with anyone. Regard all unsolicited messages with extreme caution and alert the Security Incident Response Team at mailto:SIRT@ucf.edu if a message appears suspicious.

2.28.22 – UCF InfoSec Advisory-Russian Escalation in Cyberspace

Submitted by: Thierry Lechler and Delainey Strickland

Submitted for: David Zambri, Chief Information Security Officer & Associate Vice President

Subject: UCF InfoSec Advisory— Russian Escalation in Cyberspace

Given recent global events in the news, there is an increased likelihood that UCF may become the target of disruptive activities. This may lead to UCF experiencing service interruptions and/or unintended breach of data. Please remain vigilant during this time and report any suspicious activities to SIRT@ucf.edu.

How can you protect yourself?

• Be wary of clicking on links within emails, even if they appear to be from a trusted user. If you’re unsure, type the fully formed URL into your web browser.

• Be vigilant about phishing attempts that try to take advantage of rising tension. For more information, please refer to https://infosec.ucf.edu/awareness/phishing/.

• Protect your digital assets by updating your systems and software that stores your professional and personal data to the latest known patches.

• Backup your valuable data, test your backups, and make sure to maintain an offline copy if possible.

• Keep your accounts secure by enabling Multi-Factor Authentication where you can and maintaining strong password practices.

• Be aware of suspicious charities or other scams as they become more commonplace as the spread of misinformation rises with the intent to manipulate emotions.

As always, if you receive suspicious emails in your UCF email, report them using the Phish Alert Button: https://infosec.ucf.edu/awareness/phish-alert-button/ or by forwarding it as an attachment to SIRT@ucf.edu.

UCF InfoSec is here to help you with any information security concerns. Contact us at infosec@ucf.edu.

Thank you,

UCF Information Security Office

infosec.ucf.edu

———————

1.20.22 – MFA Is Coming

With ever-increasing threats of phishing, keyloggers, credential stuffing, brute force and man-in-the-middle (MITM) attacks, it’s imperative that UCF implements multi-factor authentication (MFA).

All faculty and staff will begin mandatory enrollment for Microsoft O365 MFA, which provides another layer of protection for Outlook, OneDrive and other critical applications.

Starting February 17, enrollment will be divided into groups based on college/division. Each week, enrollment will occur Monday through Thursday, providing an opportunity for evaluation and adjustments on Fridays.

Thank you in advance for your help and your continued dedication to keeping the UCF community safe from external threats.

More information to come.

In the meantime, click here to learn more.

1.14.22 – UCF InfoSec Advisory-COVID Testing Scams

Submitted by: Thierry Lechler and Delainey Strickland

Submitted for: David Zambri, Chief Information Security Officer & Associate Vice President

Subject: UCF InfoSec Advisory-COVID Testing Scams

Cyber criminals are taking advantage of the current pandemic by sending fake COVID testing or contact tracing messages via email, phone calls and text. These messages may ask you to click a link or provide personal information. The links can potentially download malicious software to your computer and lead to identity theft or financial loss.

How to protect yourself?

. Disregard unexpected text messages, emails, or phone calls with suspicion

. Do not click any links in these suspicious text messages or emails – it may download software that can access your personal and financial information

. If an unsolicited call asks for sensitive personal information, such as your Social Security Number or credit card number, hang up

For more information, please see these resources:

. https://www.fbi.gov/coronavirus

. https://www.justice.gov/coronavirus

. https://oig.hhs.gov/fraud/consumer-alerts/fraud-alert-covid-19-scams/

If you receive suspicious emails in your UCF email that ask you to download an attachment or click a link, report them using the Phish Alert Button: https://infosec.ucf.edu/awareness/phish-alert-button/ or by forwarding it as an attachment to mailto:SIRT@ucf.edu.

UCF InfoSec is here to help you with any information security concerns. Contact us at mailto:infosec@ucf.edu .

Thank you,

UCF Information Security Office

https://infosec.ucf.edu

infosec@ucf.edu

11.9.21: Text Scamming

Submitted By: David Zambri, Chief Information Security Officer

Subject: Be Vigilant About Scams

UCF students, faculty and staff were recent targets of a text messaging scam, and we want you to be aware of ways to protect your information.

Scammers may send you a text or email, often impersonating others at UCF, asking you to purchase gift cards for a special event. UCF will never ask you to do that. Do not click any links or respond to any messages or calls from these scammers.

These phishing attacks are the most common methods criminals use to scam, steal and infect systems with malware. Know how to spot a phishing attack, such as messages with a sense of urgency, pressure to click a link or open an attachment, or offers that are too good to be true.

Make it difficult for your accounts to be compromised. Set strong passwords that you immediately change if compromised, and never click on a link from a sender you do not know or trust.

Please be vigilant about suspicious emails and text messages and report anything that you believe to be unusual or malicious to SIRT@ucf.edu. Your vigilance can be a first line of defense against these attacks.

We appreciate you being on the lookout and helping to protect yourself, each other and UCF.

7.13.21: UCF Expanding Multi-Factor Authentication Protection

Submitted by: UCF IT

Submitted for: UCF Information Security Office (InfoSec)

Subject: UCF Expanding Multi-Factor Authentication Protection

Multi-Factor Authentication (MFA), also known as two-step verification, requires users to verify their identity using two different credentials. These credentials fall into any of these three categories: something you know (like a password or PIN), something you have (like a smartphone or USB key), or something you are (like your fingerprint).

UCF InfoSec recommends enabling MFA protection on all your accounts that offer it. Did you know that MFAis available to protect your UCF email account (@ucf.edu email account and all of Microsoft 365 services, including OneDrive)?

WHY SHOULD I USE MFA?

Login credentials are more valuable than ever and are increasingly easy to compromise. Most breaches today involve compromised usernames and passwords. MFA enhances the security of your account by using a secondary key to verify your identity. This prevents anyone but you from accessing your account and data, even if they know your password.

HOW CAN I ENABLE MFA TO PROTECT MY ACCOUNT AND DATA?

You can submit a ServiceNow request to enroll your UCF Microsoft 365 account in MFAhere: https://ucf.service-now.com/ucfit?id=sc_cat_item&sys_id=ce6390d41b4da01065100feddc4bcbfd

Thank you for wanting to protect your account, your fellow Knights, and UCF!

WHAT CHANGES ARE COMING IN AUGUST?

If you are currently required to use MFA to sign on to myUCF, then on August 12 you will be required to use MFA to access your UCF email (@ucf.edu email account and all of Microsoft 365 services, including OneDrive).

All employees will use MFA to sign on to the UCF Enterprise Virtual Private Network (VPN).

WHAT DO I NEED TO DO?

If you already use Duo MFA, no action on your part is necessary. If you have not already enrolled in Duo, please visit the MFA KB article and scroll to the “How Do I Get Started” section that explains how to enroll: https://ucf.service-now.com/ucfit?id=kb_article&sys_id=3e87febbdbf0acd003f806d1ca9619d2.

IS MFA EASY TO USE?

Yes, there are several ways to obtain the secondary key when using MFA. UCF InfoSec recommends the easiest method: using the Duo application on a smartphone and the Duo Push notification method. When signing on the notification will appear on your smartphone, and with a few simple taps, you’re done!

To learn more about MFA at UCF, please visit https://infosec.ucf.edu/mfa.

Thank you,

UCF Information Security Office

infosec@ucf.edu

Twitter: @UCF_InfoSec

https://infosec.ucf.edu

———————

7.13.21: Statuspage Adoption

Submitted by: Scott Baron, Assc Director, IT Performance and Service Management

Submitted for: Michael Scruggs, Assc VP Deputy CIO & CTO

Subject: Statuspage Adoption

UCF Service Status Health Dashboard

We want to encourage the adoption and use of the UCF Service Status Health Dashboard. Over the past couple of weeks, the dashboard “opt in” status has increased by 20%.

The website provides updates regarding the status of critical services for the UCF community. It can be found at the following address: https://status.ucf.edu/. Currently this dashboard is primarily IT focused, however various departments are starting to add other critical university systems and services to this dashboard. These areas can include but not be limited to; IT, Facilities, Research, Data reporting & analytics, websites, etc.

We encourage you to visit the dashboard and click the “Subscribe to Updates” button to receive immediate notifications of service disruptions that may impact you. For step-by-step instructions, use the following link to guide you: https://ucf.service-now.com/kb_view.do?sys_kb_id=fa9cf4c71b30b010caa8997a234bcbc8). Please take notice of being able to subscribe to both text and email notifications.

For any additional questions or support, please contact the UCF Support Center at 407-823-5117.

Thank you.

7.6.21: UCF InfoSec Tips – Protecting Your Accounts and UCF Data

Submitted by: UCF IT

Submitted for: UCF Information Security Office (InfoSec)

Subject: UCF InfoSec Tips – Protecting Your Accounts and UCF Data

UCF InfoSec would like to remind employees of the importance of information security. We are all responsible for ensuring the security of our UCF accounts, the university’s technology resources, and the data UCF collects, processes, and stores. Phishing and ransomware remain significant threats to educational institutes, and we must remain vigilant to guard against these threats.

1. How can I protect my accounts?

• Set a strong, unique password for each account and never share your password with anyone

• Enable Multi-Factor Authentication (MFA) on all accounts that support it. Learn how to enable MFA on your UCF Microsoft 365 email: https://infosec.ucf.edu/mfa

• Before entering your username and password on a site, closely examine the website address to ensure it’s legitimate

2. How can I protect UCF data?

• Review UCF Policy 4-008 and be sure you know what Restricted and Highly Restricted data is, how it can be protected, and where it can be stored: https://policies.ucf.edu

• Do not store university data on personal devices or personal cloud storage

• Always use the UCF VPN whenever accessing sensitive UCF data while off campus: https://ucf.service-now.com/ucfit?id=kb_article&sys_id=3ec34f471b3b48d05cd6b912cd4bcb74

• When working with university data, make sure you are in an area where others cannot view your device screen or access printed materials

• Do not use personal devices or personal email to conduct university business

3. What is ransomware and how can I guard against it?

Ransomware is a type of malicious software (malware) that encrypts data on a system to prevent you from accessing it unless you pay a ransom. In some cases, it also sends a copy of the data to the cyber criminals, who will then threaten to release sensitive data publicly unless the ransom is paid.

Ransomware is nothing new, but we’re hearing about it in the news because it’s become so profitable to cyber criminals around the world. You can help protect UCF from suffering a ransomware attack by taking the following steps:

• Don’t take the bait: phishing attacks are the most common methods cyber criminals use to infect systems with malware. Know how to spot a phishing attack, such as emails with a sense of urgency, pressure to click a link or open an attachment, or offers that are too good to be true. Report suspicious emails using the Phish Alert Button: https://infosec.ucf.edu/awareness/phish-alert-button/

• Secure your accounts: don’t make it easy for the cyber criminals to compromise your accounts. See the tips above to protect yourself, and if you believe your password has been compromised, change it immediately.

• Secure your systems: make sure your devices are up to date and running an anti-malware solution. Enable automatic updating whenever possible. Your IT support will manage this for university-owned devices.

These steps can help you protect your systems from malware, both at work and at home. UCF InfoSec is here to help you with any information security concerns you may have. If you have any questions, please contact us at infosec@ucf.edu.

Thank you,

UCF Information Security Office

infosec@ucf.edu

Twitter: @UCF_InfoSec

https://infosec.ucf.edu

6.28.21: UCF InfoSec Alert – Phishing Attack Targeting UCF Employees

Submitted by: UCF IT

Submitted for: UCF Information Security Office (InfoSec)

Subject: UCF InfoSec Alert – Phishing Attack Targeting UCF Employees

UCF InfoSec has been made aware of a phishing message recently sent to UCF employees. Below are the details:

From: Karen Hickey

Subject: Fw: Employee support program

The message claims that UCF will provide financial assistance for employees impacted by the COVID-19 pandemic and asks recipients to click a link to register.

This message is fraudulent, and clicking the link or providing personal information may lead to financial loss or account compromise.

If you received such an email, please report it using the Phish Alert Button within Outlook.

If you clicked the link and provided any sensitive information (e.g., credit card numbers, Social Security number, etc.), notify the Security Incident Response Team by submitting a Service Now ticket: https://ucf.service-now.com/ucfit?id=sc_cat_item&sys_id=8b37a93b4fe2a6005af423d18110c7d5&sysparm_category=74a5d6564f0cb2005af423d18110c76a&catalog_id=-1 .

Thank you,

UCF Information Security Office

infosec@ucf.edu

Twitter: @UCF_InfoSec

https://infosec.ucf.edu

6.3.21: UCF InfoSec Advisory – Spear Phishing Campaigns Targeting Government and Non-Governmental Organizations

Submitted by: UCF IT

Submitted for: UCF Information Security Office (InfoSec)

Subject: UCF InfoSec Advisory – Spear Phishing Campaigns Targeting Government and Non-Governmental Organizations

UCF InfoSec would like to make the UCF community aware of a joint CISA / FBI advisory regarding a recent spear phishing campaign. Unlike phishing messages that are generic, spear phishing attacks are often targeted to specific organizations or individuals and can be very difficult to spot. Spear phishing messages use content that’s relevant to you and may include information about you, your employer, or a company with which you’ve done business in an effort to appear legitimate.

From the CISA / FBI advisory:

CISA and the Federal Bureau of Investigation (FBI) are responding to an ongoing spear phishing campaign targeting government organizations, intergovernmental organizations, and non-governmental organizations. A sophisticated cyber threat actor leveraged a compromised end-user account from Constant Contact—a legitimate email marketing software company—to spoof a U.S. government organization and distribute links to malicious URLs.

View the advisory here: https://us-cert.cisa.gov/ncas/alerts/aa21-148a

UCF InfoSec reminds you to stay vigilant when reviewing messages. Regard any unexpected emails with suspicion, especially those that contain language to convey a sense of urgency or threaten you with consequences if you fail to take action, such as clicking a link or opening an attachment.

You can help protect UCF by using the Phish Alert Button to report any suspicious emails to the Security Incident Response Team. If you have any questions about information security, contact us at infosec@ucf.edu – we’re here to help.

Thank you,

UCF Information Security Office

infosec@ucf.edu

Twitter: @UCF_InfoSec

https://infosec.ucf.edu

———————

4.26.21: UCF InfoSec Tips – Scams Impersonating UNICEF Targeting University Students

Submitted by: UCF IT

Submitted for: UCF Information Security Office (InfoSec)

Subject: UCF InfoSec Tips – Scams Impersonating UNICEF Targeting University Students

UCF InfoSec would like to warn the UCF community of scams targeting university students. Scammers are sending students emails that appear to come from other students, offering an internship or part-time employment with UNICEF. The scammers usually mail checks to the students, claiming that these checks contain their first paycheck and additional funds allegedly intended to purchase items for foster homes or orphanages on behalf of UNICEF.

These checks are fraudulent, and following the scammer’s instructions could result in financial loss. This scam fits the style of overpayment scams we’ve seen in the past.

1. How does the scam work?

Once the victim responds and provides personal information, the scammer sends a check and asks that a portion of the funds be sent to a different financial account. Sending money via a payment app or wire transfer is almost instantaneous, but it may take several days for the bank to process the check. By the time the bank notifies the victim that the check is fraudulent, the victim’s money and the scammer are gone.

2. How can I avoid becoming a victim?

If you did not apply for a job, view any messages promising one with suspicion. Remember, an unsolicited offer of employment may be a scam if it:

* offers to send you a check and requests that you wire back a portion of the funds; don’t be fooled just because they’re sending you a check first!

* sends an offer to your Knights email but requires you to respond using your personal email.

* promises large income for minimal work.

3. How can I protect my account and my fellow Knights?

Scammers prefer sending these scam and phishing messages from other student accounts to make them appear more legitimate. Making sure your Knights email password isn’t used for any of your other accounts, and enabling Multi-Factor Authentication (MFA), can make it more difficult for scammers to compromise your account and use it to send phishing emails. Learn more about MFA here: https://infosec.ucf.edu/mfa .

4. How can I report these phishing emails?

If you receive such an email, report it to the UCF Security Incident Response Team by forwarding it as an attachment to SIRT@ucf.edu . By reporting it, you’re helping us stay aware of the threats targeting our community so we can respond accordingly.

To learn more, please see https://www.unicef.org/careers/beware-fraudulent-job-offers and https://infosec.ucf.edu/scam . Please inform your fellow Knights, friends and family to help protect themselves against cyber threats and predatory scam artists.

Thank you,

UCF Information Security Office

infosec@ucf.edu

Twitter: @UCF_InfoSec

https://infosec.ucf.edu

———————

4.20.21: InfoSec Tips – Dealing with the Facebook Data Breach

Submitted by: UCF IT

Submitted for: UCF Information Security Office (InfoSec)

Subject: UCF InfoSec Tips – Dealing with the Facebook Data Breach

As you may have read in the news, Facebook announced it was breached in 2019 with the personal records of over 500 million Facebook users acquired by cyber criminals. Those 500 million records were recently publicly released, enabling anyone in the world to potentially access them. If you had a Facebook account on or before 2019, your data may have been included in that breach and released publicly. Examples of your information that could have been released include your name, home address, phone number, email address, birth date, or any other information you provided to Facebook.

One way to check and see if your information was released is to visit https://haveibeenpwned.com and submit the email address you use(d) for your Facebook account.

If you are concerned your data was obtained and released, here are several steps you can take to protect yourself:

* Change the password you use for Facebook. This new password should be strong and different than any other password you use for any other account.

* Set a unique password for each of your accounts. UCF InfoSec strongly recommends using password managers to keep track of your account passwords.

* Wherever possible, enable Multi-Factor Authentication (often called 2FA, MFA, also two-factor, multi-factor, or two-step verification) on your accounts, especially for your email account and any financial accounts.

* Protect your privacy by being very careful about what information you share with any websites. Always assume any website you have an account with can be hacked and your data stolen, or that your information will

be sold or shared with other companies.

* Realize that you can do only so much to protect your data. Because so many other companies and organizations collect, share, and sell your data, you must assume cyber criminals already know a great deal about you.

This means they can use your personal information to trick or fool you into making a mistake, using a technique called Social Engineering. Just because someone calls you and knows your birth date does not prove they are from your bank or the government. Just because someone emails you with personal details, such as your phone number, home address, or even a password you’ve used, does not mean they are really who they claim to be. Be very careful and suspicious of emails or phone calls asking you to share personal information, such as your password, bank account or credit card, or pressuring you to take actions that seem odd or suspicious (such as paying a fine).

UCF InfoSec is here to help you keep your digital identity secure. Review the resources available on our site at https://infosec.ucf.edu and, if you have any questions, contact our office at infosec@ucf.edu.

Thank you,

UCF Information Security Office

infosec@ucf.edu

Twitter: @UCF_InfoSec

https://infosec.ucf.edu

———————

4.22.20: INFOSEC ALERT: EXTRA VIGILANCE TO SECURE YOUR ACCOUNTS DURING COVID-19

Submitted by: Information Technologies and Resources

Submitted for: UCF Information Security Office

Subject: Extra vigilance to secure your accounts during COVID-19

The UCF Information Security Office (InfoSec) wants to help you keep both your personal and work accounts secure. It is more important than ever to stay on guard against information security threats.

Cybercriminals are determined to take every opportunity that will give them any advantage when it comes to phishing and scams. Security researchers have found that phishing attacks worldwide increased over 600% last month. As a result of the current pandemic’s impact on our daily lives, and the increased volume of phishing attacks, we need to be at a heightened state of alert.

Whether it’s your personal or work account (or one belonging to a colleague, friend, or family member), a compromise can have a significant impact on your life. To mitigate the cyber risks from phishing, we will be continuing our simulated phishing campaigns. Please refer to our site and review the video to understand why, especially now, this is so important: https://infosec.ucf.edu/awareness/phishing/simulated-phishing-campaigns/.

1. Examples of malicious activity attempting to exploit the Coronavirus pandemic include:

– Selling fake tests or cures: scammers have been marketing fake “cures” or “test kits” that are unreliable at best;

– Impersonating health organizations to try to get you to click on a link, visit a website, open a malicious attachment, or share sensitive information;

– Setting up fake Coronavirus news and information websites to install malware, steal your login credentials, or bank account information;

– Seeking donations for fraudulent charities.

2. The following steps will help you protect your accounts. Please feel free to share these tips with family and friends to help them stay secure:

– Enable Multi-Factor Authentication (MFA) on all accounts that offer it;

– Regard emails that claim to offer Coronavirus information with skepticism;

– Closely examine links in emails to make sure they’re taking you to the expected site, and when in doubt, visit the website using your bookmarks or by typing the address into your web browser;

– Only use trusted sources, such as government websites, for Coronavirus information;

– Never provide your personal information, including Social Security Number, password, or banking information over the phone or email;

– Always verify a charity before donating: for more information, refer to the FTC’s website here: https://www.consumer.ftc.gov/articles/0074-giving-charity .

InfoSec is here to help you stay secure during this difficult and unprecedented time. If you have any questions, please contact us at infosec@ucf.edu. Thank you for remaining vigilant and helping to keep UCF and yourself secure.

Thank you,

UCF Information Security Office

infosec@ucf.edu

infosec.ucf.edu

———————

4.14.20: INFOSEC ALERT: CYBERATTACKS INCREASING DURING CORONAVIRUS PANDEMIC

Submitted by: Information Technologies and Resources

Submitted for: UCF Information Security Office

Subject: UCF InfoSec advisory: Cyberattacks increasing during Coronavirus pandemic

Cybercriminals are taking advantage of financial concerns and the increase of remote work during this difficult time. Security researchers are seeing an increasing volume of financial scams, wireless router attacks, and phishing messages.

1. Financial scams

Attackers are sending phishing emails impersonating major financial institutions claiming to have received the recipient’s stimulus check. Recipients are asked to verify their account information to receive the funds. These messages may use a deadline to give victims a sense of urgency.

If you receive an email claiming to be from your bank, refer to the contact information listed on your account statements or bank card instead of clicking on any links. For more information on the economic impact payments, please see the IRS website: https://www.irs.gov/coronavirus-tax-relief-and-economic-impact-payments.

2. Wireless router attacks

Cybercriminals are targeting home wireless routers to send victims to fake Coronavirus-themed websites. Attackers gain access to the router by brute forcing admin passwords. Once in, they change the router’s domain name system (DNS) settings to redirect victims to malicious websites.

If you attempt to visit a website but find yourself redirected to a site offering Coronavirus information apps to download, you may be affected. Follow these steps to resolve the issue:

– Change your router’s administrator password to a new, complex password.

– Check your wireless router’s DNS settings and remove any servers you did not add. Refer to your router manufacturer’s website for instructions.

3. Phishing

Cybercriminals have ramped up their phishing attacks. It is critical that you remain vigilant and cautious when receiving emails that ask you to take action. Closely examine links and the email address of the sender in emails and do not open attachments you weren’t expecting.

4. How can I protect myself and UCF?

– Make sure your wireless router is running the latest firmware provided by the manufacturer.

– Set a unique, complex administrator password on the router.

– Avoid downloading software from unknown sources.

– Ensure you are running up-to-date antimalware software on your devices.

– Use the UCF VPN any time you need to connect to your office computer: https://secure.vpn.ucf.edu/

– View any emails or websites claiming to offer Coronavirus updates with suspicion.

– Contact the sender via a trusted phone number to confirm messages before opening attachments.

– Forward suspicious emails to mailto:SIRT@ucf.edu and use the Phish Alert Button to report phishing attempts: https://infosec.ucf.edu/awareness/phish-alert-button/.

If you have any questions, please contact the Information Security Office at infosec@ucf.edu. Thank you for remaining vigilant and helping to keep UCF and yourself secure.

Thank you,

UCF Information Security Office

infosec@ucf.edu

infosec.ucf.edu

———————

2.21.20: INFOSEC ALERT: CORONAVIRUS PHISHING EMAILS

Submitted by: Information Technologies and Resources

Submitted for: UCF Information Security Office

Subject: InfoSec Alert: coronavirus phishing emails and gift card scams

The Information Security Office is alerting the UCF community about recent scams being reported by security researchers.

Coronavirus phishing messages:

Cyber criminals are taking advantage of widespread press coverage of the coronavirus outbreak to prey on unsuspecting people by crafting phishing emails to increase the chance of spreading malware and stealing your personal information. These phishing emails are designed to appear as if sent from health officials or agencies such as the Center for Disease Control and Prevention.

Some versions of these emails suggest clicking a link to view information about “new coronavirus cases around your city.” Other versions suggest downloading an attached PDF file to “learn about safety measures you can take against spreading the virus.” Do not click on these malicious links, which will bring you to a webpage designed to steal your personal information. Downloading an attached file may infect your computer with malware.

In Outlook, use the Phish Alert Button to easily report any phishing messages you receive. For more information, please visit https://infosec.ucf.edu/awareness/phish-alert-button/ .

Thank you,

UCF Information Security Office

infosec@ucf.edu

infosec.ucf.edu

———————

2.14.20: ENHANCED & DOCUMENTED VRM WORKFLOW

All software and technology solutions that stores or processes data outside of UCF (“in the cloud”) will need to go through the full VRM review process. Additionally, it is assumed all employees are aware and in compliance with applicable institutional requirements across the research, education and clinical missions. For more details, please visit our Software Vendor Review page.

Software Vendor Review

1.2.20: KNOWBE4 SECURITY AWARENESS

In addition, as part of our shared commitment to deliver a secure computing environment and defend against sophisticated information security threats, HealthIT in collaboration with the University’s Information Security Office, will be providing security reminders and awareness training through an online training platform provided by our awareness vendor, KnowBe4.

Training will cover topics ranging from spam, phishing, spear phishing, malware and social engineering mechanisms, and the like. Please be on the lookout for an e-mail from KnowBe4 in the upcoming weeks so you can complete the training.

Completion of this training is not mandatory but highly encouraged as it will provide relevant and up to date information about threats that we all may come across.

7.1.19: DIGITAL SPONSORED ACCOUNT REQUEST FORM – NOW AVAILABLE

7.1.19: NEW DATA CLASSIFICATION CHECK IN CONTRACT REVIEW PROCESS