[CCoE Notice] FW: UIT Security Informational Alert: Increased Phishing/Spam Messages

Luong, Kiet A KDLuong at Central.UH.EDU
Mon Jul 20 13:45:40 CDT 2015 

Good afternoon,

Please read over this important message from the campus UIT Security group.  It contains information regarding recent surge of spam and phishing emails.

Thanks,

Kiet Luong
Director of Engineering Computing
College Information Security Officer
Cullen College of Engineering
University of Houston
Email: KietL at uh.edu
Voice: 713.743.9974

From: University Information Technology [mailto:it at uh.edu]
Sent: Monday, July 20, 2015 1:42 PM
To: Luong, Kiet A
Subject: UIT Security Informational Alert: Increased Phishing/Spam Messages

[http://uh.edu/ecomm/images/UIT.png]


UH Faculty and Staff:

In the last couple of weeks, there has been a significant increase in phishing and spam messages being received in campus e-mail boxes. We understand your frustrations as we are personally experiencing the same things, as are many of our higher-education colleagues across the country. Here is information about actions we are taking and things you can do to help.

What is UH Doing?

The UIT Security, Messaging and Network enterprise teams have all been working together with our vendors (Sophos, McAfee, Microsoft and others) to address the problems. We have been and are continuing to review every step in the messaging process including the scanning, flagging and blocking protocols being used and have been aggressively working to identify and implement improvements. We have also been investigating each message being reported, which has in turn led to the blocking of some foreign Internet Service Providers (ISPs) identified as being the source of malicious messages. We are coordinating our investigation efforts with universities nationwide as well as the FBI and other appropriate agencies.

Throughout the UH campus, college, division and department information security officers, technology managers and other IT staff have been diligently working with users to verify appropriate mail filtering rules and protections are in place on client devices and mailboxes. We appreciate all of these efforts, as well as the actions by campus faculty and staff to report the malicious messages.

We understand that these actions may not be enough to handle messaging threats as they continue to escalate overall. Therefore, we are also working with other technology leaders to identify innovative strategies and solutions to these problems that can be implemented as soon as practical.

What Should You Do?

 1.  Continue to be critical of emails you may receive. Malicious emails may be well-crafted, appear to come from others at UH and are designed to trick you into providing personal information.
    *   Do not click on links in messages that are asking for personal or account information.
    *   Do not open attachments you are not expecting.
    *   Report suspicious emails to UIT Security for investigation.
    *   Forward spam messages to is-spam at sophos.com<mailto:is-spam at sophos.com>. Messages forwarded to Sophos contribute to the accurate identification of future spam messages.
    *   Check for yourself: A list of recent phishing emails reported at UH is posted on the UIT Security website and on the AccessUH login page.
 2.  Protect your UH identity.
    *   Do not re-use your UH userid or password on any non-UH websites (Facebook, LinkedIn, etc).
    *   Do not use the same password for your online banking that you use on social media or shopping sites.
    *   When you change your password, update the password on all of your devices.
 3.  Protect your devices.
    *   Keep your computer/mobile devices current with all system and application updates.
    *   Install anti-virus/anti-spyware software and configure for automatic updates.
    *   Keep your devices locked-up and out of sight when not in use.
    *   If you get a new device, erase all of your info from any old device before discarding it.

If you have any questions or concerns please contact UIT Security via email at security at uh.edu<mailto:security at uh.edu> or via phone at 832-842-4695.

Mary E. Dickerson, MBA, CISSP, CISM, PMP
Executive Director, IT Security
Chief Information Security Officer
University of Houston | University of Houston System
A Carnegie-designated Tier One public research university
phone: 832-842-4679
email: mdickerson at uh.edu<mailto:mdickerson at uh.edu>





[https://ssl.uh.edu/images/social/twitter-2.png]<http://uhhelpdesk.custhelp.com/rd?1=AvNI~wopDv8S~xb~Gv9O~yJBHf0q04D78N_Nfz7~Pv9E&2=17215>[https://ssl.uh.edu/images/social/facebook.png]<http://uhhelpdesk.custhelp.com/rd?1=AvNI~wopDv8S~xb~Gv9O~yJBHf0q04D78N_Nfz7~Pv9E&2=17216>[https://ssl.uh.edu/images/social/google-plus.png]<http://uhhelpdesk.custhelp.com/rd?1=AvNI~wopDv8S~xb~Gv9O~yJBHf0q04D78N_Nfz7~Pv9E&2=17217>[https://ssl.uh.edu/images/social/linkedin.png]<http://uhhelpdesk.custhelp.com/rd?1=AvNI~wopDv8S~xb~Gv9O~yJBHf0q04D78N_Nfz7~Pv9E&2=17218>[https://ssl.uh.edu/images/social/youtube.png]<http://uhhelpdesk.custhelp.com/rd?1=AvNI~wopDv8S~xb~Gv9O~yJBHf0q04D78N_Nfz7~Pv9E&2=17219>[https://ssl.uh.edu/images/social/instagram-new.png]<http://uhhelpdesk.custhelp.com/rd?1=AvNI~wopDv8S~xb~Gv9O~yJBHf0q04D78N_Nfz7~Pv9E&2=17220>

This is an official message sent by the University of Houston. To verify the validity of this message, visit uh.edu/phishing or email security at uh.edu<mailto:security at uh.edu>.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://Bug.EGR.UH.EDU/pipermail/engi-dist/attachments/20150720/5a739bd0/attachment-0001.html

More information about the Engi-Dist mailing list