[Plantsci] FW: Phishing Alert and Increased Compromised Accounts

Marquez, Mario A - (marquezm) marquezm at email.arizona.edu
Fri May 6 08:38:06 MST 2016 

=============================================================================================================
FROM:                  Gil Salazar, Interim Deputy CISO
DATE:                   May 6th, 2016
SUBJECT:             Phishing Alert and Increased Compromised Accounts

Multiple phishing campaigns targeting faculty and staff this week have been reported to UA Information Security.  As a reminder, phishing is a technique used to obtain sensitive information, such as usernames or passwords, by sending emails designed to trick the user into providing the information, or to open an attachment that installs malware on devices.

Subject lines in recent phishing emails included Project Review and File Message.

Following these phishing reports, UA Information Security and the Financial Services Office has seen an increase in suspicious changes to employee direct deposit information.

What should I do if I receive a suspicious email?
If you receive an unsolicited email or you are unsure of the sender:

*         Do not reply, click on any links, or open any attached files

*         Check the UA Information Security website to see if this is a known phishing message at hxxp://security.arizona.edu/phishing-alert (copy and paste the URL, and replace "hxxp" with "http").

*         If the suspicious email is not listed in the phishing alerts, forward the email as an attachment to infosec at email.arizona.edu<mailto:infosec at email.arizona.edu>.  Forwarding instructions can be found at hxxp://security.arizona.edu/forwarding-phishing-email-attachment-guide.

If you are concerned about that you or your device may have been compromised, please contact your local IT support or the 24/7 IT Support Center (520-626-8324).


How do I know if my information has been compromised?
If your direct deposit information is changed, you will receive an email alert.  However, if your NetID has been compromised, remember that the perpetrator may be checking your email and delete the notification.

What can I do to protect my information and account?
You are strongly encouraged to enroll in Global NetID+ two-factor authentication.  While NetID+ can provide a layer of protection, it will not protect your UAccess accounts if your NetID password is compromised.  Enabling Global NetID+ requires two-factor authentication on all University systems.

To enroll in NetID+, go to hxxps://webauth.arizona.edu/netid-plus.  For instructions on enabling Global NetID+, go to hxxp://security.arizona.edu/netid-plus#global.

Refer to hxxp://security.arizona.edu/phishing for additional information and advice about these and other kinds of email phishing attacks.

=============================================================================================================


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20160506/ef200021/attachment.htm>

More information about the Plantsci mailing list