Texas A&M University-Kingsville

banner_information security.jpg

Information Security

Trending Cyber Security Threats


Phishing

You may have received emails with the subject “Email quota limit” or” Message Center”, indicating that your email has been limited and you need to click on a link and fill-in a form. Do not click on the link or respond to these emails. iTech will never send an email asking for your account and password.

There have been several people who clicked on the link in phishing emails and completed the form, giving their account and password information. This allowed the hackers easy access to tamuk email accounts, which were then used to send thousands of emails to others. The compromised tamuk email accounts sending spam and phishing emails put all tamuk email on blacklists, so your email to other sites may have been rejected. If you received an email from System Administrator indicating your email was rejected, you can go into your sent folder and resend the email. Even though we are off the blacklists now, you may still get rejected email as other email systems may hold and reject for 48 hours. Some email systems do not send back a rejected email. If the recipient of an email sent outside of tamuk did not receive the email, you can go into your sent folder and send the email again.

If you have any questions about a suspicious email that you have received, please check with the Help Desk or Lonnie Nagel, Information Security Officer.

Cryptolocker

CryptoLocker is a new variant of ransomware that restricts access to infected computers and demands the victim provide a payment to the attackers in order to decrypt and recover their files. While victims are told they have three days to pay the attacker through a third-party payment method (MoneyPak, Bitcoin), some victims have claimed online that they paid the attackers and did not receive the promised decryption key. As of this time, the primary means of infection appears to be phishing emails containing malicious attachments. CryptoLocker appears to have been spreading through fake emails designed to mimic the look of legitimate businesses and through phony FedEx and UPS tracking notices.  In addition, there have been reports that some victims saw the malware appear following after a previous infection from one of several botnets frequently leveraged in the cyber-criminal underground.

By adhering to the following guidelines, users can greatly decrease their chance of becoming infected:

  • Do not follow unsolicited web links in email messages or submit any information to webpages in links
  • Use caution when opening email attachments. Refer to the Security Tip Using Caution with Email Attachments for more information on safely handling email attachments
  • Maintain up-to-date anti-virus software
  • Perform regular backups of all systems to limit the impact of data and/or system loss
  • Keep your operating system and software up-to-date with the latest patches
  • Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams
  • Refer to the Security Tip Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks

SWF Redirector

Information about SWF Redirector can be found here.

Cyber Security Resources

Resource Title: Download Link:
Internet Security PDF download
TAMU-K Password Security PDF download






Tips & Advice

StaySafeOnline.org

Avoiding Social Engineering and Phishing Attacks

Recognizing and Avoiding Email Scams

Using Caution with Email Attachments

This page was last updated on: November 07, 2014