coe-staff: Holidays and Phishing

Jeff Woodbury jeffreyw at uoregon.edu
Thu Dec 13 14:30:26 PST 2018


Happy Holidays everyone!

I wanted to pass along a message from the UO's Chief Information Security Officer, Leo Howell:

SUBJECT: 'Tis the season for phishing scams

Please take special precaution to avoid becoming the next victim of a phishing scam that could negatively impact your livelihood. Every holiday season, we see an uptick in the number of phishing and scam emails, so be vigilant but unafraid by taking an extra moment to question the validity of any email that seems just a bit odd.

How do you avoid becoming a victim during this holiday season?

  *   Shipping confirmations or tracking attachments: beware of links in emails to track FedEx, UPS, or USPS packages. Browse directly to these websites and enter your tracking numbers instead of clicking on a link in an email. Additionally, these couriers do not send tracking information as email attachments, so any such attachment received in an email is more than likely malware.
  *   Invoice attachments or links: the first question to ask is, "Am I expecting an invoice from this person or company?" If not, do not open it! Instead, call the company or person (with whom you have an existing relationship) to find out more about the invoice before you open it. Be sure to call the company or person from a valid phone number from their website or your contacts list, not from a phone number in the suspicious email because an impersonator may be on the other end of the line.
  *   Holiday gift cards and giving: we've seen a new impersonation scam this year where an employee gets a request from a university executive to buy gift cards for their department and then send photos of those cards to them. This is a scam. Pay close attention to the sender's email address and often you will see that it looks like the executive's name but it is not their uoregon email address. It is almost always a scam if someone asks you to buy gift cards and send them the codes or photos of the cards.
  *   Greeting cards: pay attention to electronic greeting cards from friends, families, and definitely from strangers. Oftentimes, these cards are used as trojan horses. As you play the cards and have a laugh, malware is secretly installing itself in the background that can later be used to steal your keyboard clicks to capture your usernames and passwords to your banks, medical records, social media accounts, or your DuckID and password. If you are unsure about the message, stop, reach out to friends or family to make sure the card is from a legitimate website. If it's from a stranger, do not click on the card; it is probably malware.

Remember that legitimate DuckID account tasks, such as password resets, will send you to https://duckid.uoregon.edu and never anywhere else. IT staff will not ask you for your password or ask you to provide a password via email or in a ticket. The UO, Information Services, or any other IT group at the university will not threaten you with account closure if you don't go to a website and respond immediately. Never open attachments, such as invoices or package tracking information, that you aren't expecting, even if it looks like it is from someone you know or a company you are working with. Be wary of emails that instruct you to download software or updates; check with your local IT support staff first.

What do I do if I am phished?
Even after taking all the precautions, you may still become a victim of a phishing attack if the scammer is clever enough. Please follow the steps below if you believe you are a target or victim:

  1.  If you receive an email that you think is phishing:
     *   Get the full headers of the message. For instructions, see https://service.uoregon.edu/TDClient/KB/ArticleDet?ID=32839.
     *   Send the phishing message and its full headers to phishing at uoregon.edu. A staff member of the Information Security Office will review it and let you know whether it was a phishing message and any other steps to take.
     *   Delete the message.
  2.  If you believe you are a victim of phishing, contact the Information Security Office immediately for assistance at infosec at uoregon.edu.

This holiday season, please be cautious and safeguard your personal and account-related information!

Leo Howell, Chief Information Security Officer
Information Security Office
University of Oregon

