Build a Resilient Cybersecurity Environment – Page 4 – University of Florida Information Technology News

Learn How Doxxing Attacks Work

Posted on July 28, 2022October 2, 2022

Recently, news outlets reported threats to a U.S. Supreme Court justice. What began as a social media attack became potentially a physical assault. This type of attack is called “doxxing.” Doxxing is defined as publicly revealing previously private information about an individual or organization, usually via the internet.

Doxxing attacks often focus on a journalist or public figure–like a faculty member–over something they have written. An individual or group opposed to what’s published can severely disrupt the author’s life, and in extreme cases their safety is threatened. Doxxing frequently results in abusive phone calls and text messages, sometimes in conjunction with a social media campaign or series of emails designed to harass and intimidate the writer.

The first step to protecting yourself against doxxing is to find out what information about you is publicly available. Conduct online searches in multiple browsers (e.g., Google, Firefox, Safari) and find out what others can see. Then, request removal of private information you find listed on any website. Also, be careful what you share on social media, especially information that could be used to find you or your family, such as location data in photos or posts. The most important step is to secure all your accounts with strong passwords and multi-factor authentication whenever possible. Visit UF’s Information Security Office “Protect My…” webpage and learn more about keeping personal information private.

Identifying Deepfake Videos

Posted on June 23, 2022April 22, 2024

Misleading content online becomes more sophisticated with each technology advancement. One type of “fake news” becoming more prominent across all social channels is the deepfake, a video that’s been modified to make the subject appear to be doing or saying something they did not.

Deepfake videos are made to fool viewers for a variety of reasons including political agendas, financial gain, to embarrass someone or a group, or to use for blackmail. Public figures can be made to say things they never said, inciting viewers or followers to think a certain way and take action based on misinformation. A viral deepfake video supposedly of Tom Cruise has more than a million views. Here’s a breakdown by the video’s creator on how he utilized AI to construct the video: DeepTomCruise TikTok Breakdown.

It is possible to identify some deepfake videos by noticing changes in skin tone, jerky facial movements, or lip movements that do not match dialogue. But as the technology improves these clues could become even harder to spot. If you have concerns about the authenticity of a video purporting to be from UF, please contact the department posting the video or send your concern to the UFIT Help Desk.

Full-Day NVIDIA Workshops–Summer 2022

Posted on June 5, 2022October 2, 2022

UFIT is offering two, full-day NVIDIA workshops this summer. Registration for the Deep Learning Institute (DLI) offerings is open to faculty and to staff who support research computing applications. Anyone with questions prior to registering may contact AI Support Team Lead Ying Zhang, yingz@ufl.edu.

NVIDIA DLI: Building Transformer-Based Natural Language Processing Applications
This is an online workshop, held via Zoom.
DATE: June 21, 2022
TIME: 9:00 a.m. – 6:00 p.m.
INFORMATION: https://rc.ufl.edu/calendar/#!view/event/date/20220621/event_id/24401

NVIDIA DLI: Fundamentals of Deep Learning
This is an in-person workshop, held at the UF Informatics Institute (432 Newell Drive).
DATE: July 28, 2022
TIME: 9:00 a.m. – 5:00 p.m.
INFORMATION: https://www.rc.ufl.edu/calendar/#!view/event/date/20220728/event_id/24328

Participants receive an NVIDIA DLI certificate to recognize their subject matter competency after the successful completion of the post-workshop assessment. UFIT offers year-round training opportunities to support research inquiry. Visit the calendar of training and events for other learning opportunities.

Enter Phishle Contest to Win Gift Card

Posted on May 30, 2022October 2, 2022

The UF Information Security Office’s annual summer contest is open June 1 – 30, 2022. This year, all you have to do is play Phishle — UFIT’s information security take on the popular game “Worldle®” — to qualify for weekly gift card drawings.

Never played Phishle? Like Wordle®, Phishle is a word game. But Phishle focuses on players learning about social engineering terms such as phishing, smishing, vishing, and tailgating while solving the daily word puzzle. Phishle launched in Spring 2022 by Spencer Fasulo, a freshman computer science major who interns with the Information Security Office (ISO). Before entering the Phishle contest, check out the ISO’s great new social engineering webpage. You’ll learn what to watch out for and be better equipped to complete the daily Phishle game and win a gift card!

Phishle players get an entry for each 10 words they find. After achieving 10 correct words, fill out the form provided with your contact information. Two gift cards will be awarded each week, with winners announced on UFIT’s Twitter and Instagram accounts. Gift cards will need to be picked up in the 720 Building by local winners. Winners residing outside of Alachua County will receive their gift cards via US Mail.

Beware of Scam Texts and Phone Calls

Posted on May 12, 2022April 22, 2024

Have you received a strange text like this one (pictured)? Smish alert! Smishing and vishing are like phishing, except scammers use different devices to try and trick you into giving up personal information.

Smishing is done through text messages, while vishing happens through phone calls. Smishing attackers are also using instant messaging apps, like WhatsApp!, as well as LinkedIn and Facebook to reach new victims. What do they want? The same things that phishing scammers are after: personal information, account passwords, and your money. Often, scammers employ social engineering tactics by pretending to be someone you know or represent a familiar organization.

The best way to handle smishing and vishing attempts is simple: Delete the message or hang up! As an added measure, depending on your device and cellular provider, you may be able to block and report the sender. It only takes one click, call, or responding to one message to have your personal information stolen or credit card maxed out. And, if that stolen personal information leads to figuring out how to use your GatorLink credentials, then you, your friends, professors, and anyone else on the UF Network could be impacted.

If you are unsure about a communication purporting to be from a UF department–email, text, or phone call–you can always check with the UFIT Help Desk.

Progress Towards the 2020-25 Strategic Plan for IT

Posted on March 14, 2022October 2, 2022

The 2020-2021 Contributions Report is now available online.

“This annual report covers July 2020 through June 2021, an extraordinary period of change and challenge,” said VP and CIO Elias Eldayrie. “I am extremely proud of the way our staff not only contributed to the university’s effort to combat COVID-19, but also that we could still support the campus with more than 300 completed projects and enhancements during this time period.”

UFIT is deeply committed to improving UF’s customer experience. Investing in new and innovative ways of delivering campus support is a primary focus for the work underway to achieve the goals outlined in the University of Florida’s Strategic Plan for IT: 2020-2025. Anyone with comments about the publication may send them to UFIT Communications.

Learn the UF Risk Assessment Process

Posted on February 17, 2022October 2, 2022

UFIT is now offering integrated risk management (IRM) system training. The course focuses on the IRM process and responsibilities of system submitters, project owners, and the information security manager or technical contact listed on the assessment request. Log into myTraining and search for UF_ITT104_OLT to take the training.

Development of this training is in response to requests from information security managers and department staff who work with UFIT on risk assessments. The IRM training takes approximately 45 minutes to one hour to complete. Note that completing UF_ITT104_OLT will soon become mandatory in order to maintain either the UF_SEC_TECHCONTACT or UF_SEC_ISM security roles.

UFIT recommends all IT staff involved in university risk assessments take the training. For more information visit https://irm.ufl.edu/. Anyone with questions about the integrated risk management process may email the IRM team at irm-uf@ufl.edu.

Threat to Suspend Your Social Security Number is a SCAM

Posted on December 9, 2021October 2, 2022

Con artists pretending to be with the Social Security Administration (SSA) are utilizing email, text messages, and phone calls to scare people into providing money and/or personal information. Remember: The SSA will never threaten, scare, or pressure you to take an immediate action.

It is a SCAM if someone…
● Warns of imminent arrest or legal action
● Requests payment by gift card, prepaid debit card, internet currency, or mailing cash
● Pressures you for personal information
● Requests secrecy
● Threatens to seize your bank account
● Promises to increase your Social Security benefit
● Says they have evidence against you, or uses the name of a real SSA official

How to protect yourself from Social Security-related scams:
1. Stay calm. Do not provide money or personal information when you feel pressured, threatened, or scared.
2. Hang up on the caller or ignore the text or email.
3. Report Social Security-related scams. If you receive a suspicious call, text, or email that mentions Social Security, report it to the SSA Office of the Inspector General (OIG). Do not be embarrassed if you shared personal information or suffered a financial loss.

UF’s Information Security Office has an Identity Thefts and Scams webpage where you can learn more about the techniques used by cyber criminals.