Security Awareness at W&L as the Academic Year Begins

students on bridge to wilson field
Published | September 2, 2022

Institutions of higher education remain a constant target of scammers looking to hack into critical systems and steal sensitive data. Colleges and universities saw a surge in ransomware attacks in 2021 and the trend has continued into 2022. According to Inside Higher Ed, nearly two-thirds of institutions saw ransomware attacks in 2021. Of the attacks that were successful, most universities ended up having to make ransom payments to restore operational data.

In almost all cases, hackers were able to gain access to systems through “phishing 101” tactics. Individual users (students, faculty and staff) who respond to messages by clicking links, downloading malicious payloads, or revealing their university login credentials offer the easiest entry points for criminals. Steps to improve security awareness, as well as the adoption of a variety of new authentication tools and policies seem to have influenced a reduction in the number of compromised accounts at W&L when compared to previous years. Despite the measured improvements, ITS efforts to defend against network attacks are ongoing.

It’s important as we begin a new academic year to remind students, faculty and staff that those of us relying on university technology on a daily basis are the first line of defense in protecting against those who want to breach the network. Please keep security in mind each time you use your credentials to log into your W&L email, MyApps, Workday, Box, Office 365, or other productivity applications. Be suspicious of any message coming from an external source and verify unusual requests or messages that appear to be coming from internal sources.

Security Awareness Tip of the Week

Did you know ITS publishes a security awareness tip of the week throughout the year on ITS News? Check in routinely for updates and stay informed about ways to keep your personal information and internet-connected devices safe. Here’s a recent tip:

August 29th, Tip of the Week  | According to security and awareness training firm, KnowBe4, vishing attacks have increased at a rate of 625% during Q2 2022, when compared to the 1st quarter of 2021. Vishing is the use of phone calls (both inbound and outbound) and/or voice messages to induce a response or interaction from victims. The initial message appears to be coming from a legitimate or familiar source. Often, targets are asked to call a fraudulent phone number to confirm shipping, delivery, or a purchase. The attacker will attempt to gather personal information from a victim that can be used in later ransomware attacks against a larger entity like colleges and universities. The first line of defense in this type of attack is the individual user. When presented with a message asking for your response, it’s best to slow down, analyze, and verify before responding.

Latest Phishing Emails Targeting W&L

While there are measures in place to block most of the spam and phishing emails targeting W&L recipients, some do end up getting through. In those cases, it’s up to the individual user to recognize the threat, forward to spam@wlu.edu and delete the message without clicking on any links contained within. In addition, ITS maintains a page with the most recent phishing emails targeting W&L students, faculty and staff. Over the past several months we’ve seen a rise in messages that attempt to trick users into thinking someone familiar has “shared” a file. Here are some of the subject lines being used.

  • Document shared with you: “FACULTY REVIEW.docx”
  • Document shared with you: “FACULTY AND STAFF EVALUATIONS.docx”
  • Document shared with you: “FACULTY REVIEW.docx”
  • Document shared with you: “INFORMATION ABOUT FACULTY ANNUAL REPORT.docx”

Beware of Fraudulent Duo Prompts

It is being reported that a new type of attack exploits some Duo multifactor authentication options.  It starts with a phish email and a generic subject, such as “An important message from…”. The email contains a link taking users to a fake login page designed to trick you into compromising both your university credentials AND your Duo passcode.  Always inspect pages and links before entering any of your personal information.

  • Whenever possible, use Duo Push through the mobile app – it is the most secure option.
  • NEVER authorize a prompt or call you did not initiate whether it’s through the phone or a push, click on “Deny”!
  • Never provide another person with a Duo authorization passcode.

As always, whenever you have questions about keeping your network connected devices safe from threats, please contact the ITS Helpdesk at X4357 or help@wlu.edu.

You may also like…