Information Security – Page 2 – University of Florida Information Technology News

The Cost of Phishing: Money, Time, Personal Files

Posted on October 25, 2021October 25, 2021

“I should have recognized the red flags. I thought it was easy to avoid phishing emails, but I was wrong. I should have taken the email more seriously, and I had to try to get my account back and missed a test. Thankfully, that’s the only thing I missed.”

When it comes to phishing, it’s possible to lose everything in one click, but you’ll never understand the consequences until it happens to you. In UFIT’s video, three students share real stories from victims of cybercrime.

These examples show what could happen after falling for a phish, from locking you out of your computer to rerouting financial aid money to a cybercriminal’s bank account. But the impacts aren’t limited to one person. One incident is all it takes to shut down UF systems or expose student records, research data, and patient information. With so much at stake, it’s important for everyone at UF to remain skeptical of what arrives in their inbox.

The UF Information Security Office has more information about phishing on its website. You can also participate in the Secure the Swamp! online scavenger hunt from October 25-29 to sharpen your cybersecurity skills.

Tips for Multi-Factor Authentication Efficiency

Posted on August 2, 2021October 2, 2022

Since UF adopted multi-factor authentication (MFA), the number of compromised GatorLink accounts has decreased by 99.7%. Using the multi-factor authentication app provides additional protection to the university’s systems and services. This means your personal information as well as your research files, proposals, and all university data, is better secured.

Tips to enhance your MFA experience:

1. Add a second device to your MFA account, in case your primary device is lost or stolen. UFIT created a short video explaining how to add a device.
2. Use a passcode to authenticate even without an internet connection or cell service. Open the Duo app, then tap the University of Florida drop-down tab on the home screen. Type in the six-digit code provided when logging into UF services.
3. Check the “Remember Me” option to not be prompted to authenticate for 10 hours, as long as you’re using the same browser on the same device.

Visit it.ufl.edu/2fa or contact the UF Computing Help Desk (helpdesk@ufl.edu, 352-392-HELP/4357, 132 Hub) for assistance using multi-factor authentication.

Fake Emails from “UF Faculty” Targeting Students

Posted on July 12, 2021October 2, 2022

Students are reporting suspicious emails in their Gmail or other non-UF inboxes, claiming to be from instructors. These phishing scams enable cybercriminals posing as faculty to convince students to deposit fake checks or send gift cards. Because students often handle email on their phones–where full email addresses are obscured–it isn’t immediately apparent that the email is a phish.

Impostor emails attempt to lure students with high-paying job opportunities and often come from faculty members the student doesn’t know. Cybercriminals can find enough information online to impersonate faculty without having to hack into their UF account. The proliferation of these scams is a great reminder to always be cautious when clicking on any email, no matter who they seem to come from.

Remember:
1. Even if a phishing email doesn’t include a malicious link or attachment, it’s still just as dangerous if you respond.
2. The [External Email] tag will appear in the body of emails originating from outside the university, alerting you that it may well be malicious.

If you think an email in your Gmail or non-UF inbox is a phish, forward the message as an attachment to abuse@ufl.edu.

Securely Disposing of UF Records and Media

Posted on March 8, 2021October 2, 2022

The secure destruction of paper, electronic records, and media containing restricted data is required at the University of Florida. Failure to properly dispose of documents and media, such as hard drives, USBs, and CDs, that hold restricted data can cause significant risk to UF and its faculty, students, and staff.

UF’s process for disposal of records is clearly articulated to ensure compliance. Faculty and staff should know that different media types (e.g., paper, CD, files stored on encrypted hard drives, etc.) have different destruction methods. The Securely Deleting Electronic and Paper Records webpage includes a chart with a complete list of media types and disposal methods. If your department is moving or has a need to dispose of a significant volume of paper files, UF Procurement Services offers bulk-shredding services for university records as well as media that is required to be destroyed.

Anyone with questions about working with, or the process for deleting electronic and paper records that contain restricted data, may email the UF Information Security Office.