Body
Please report any suspicious emails to abuse@uthsc.edu.
Please report any suspicious computer/device issues to the ITS Service Desk at 901.448.2222.
We would rather you report something that was nothing than ignore something that could harm both you and the university.
Insider Threats
Insider Threat is a security risk that comes from within an organization. While it can be, it doesn’t necessarily mean the threat is a disgruntled employee. It could be someone socially engineered to do a bad thing, or someone who has access to information they shouldn’t and doesn’t know how to protect it.
What to look out for regarding Insider Threats include:
- Personality and behavioral changes
- Disagreements with coworkers/campus policies
- Accessing large amounts of data if that is not normal work processes
- Odd working hours
- Attempts to move data offsite
- Staff and/or Students permanently leaving campus
- Unauthorized attempts to access servers and data
- Authorized but unusual access to servers and data
- Financial distress/unexplained financial gain
If you see something suspicious or questionable, contact the Office of Cybersecurity at itsecurity@uthsc.edu.
Incidents and Intrusions
An example of an information security incident or intrusion includes:
- You can't connect to the Internet or the computer runs slowly.
- A large number of pop-ups
- Unfamiliar and peculiar error messages
- Computer freezes or crashes randomly
- Internet homepage changes unexpectedly
- Google search results are redirected to random websites
- Can't access security-related websites
- Desktop background changes unexpectedly
- Can't open programs or applications
- Security protection has been disabled
- Missing files
- The computer is performing actions on its own.
If you think your computer or device has been compromised in any way, contact the ITS Service Desk at 901.448.2222.
Phishing Emails
Phishing is any email sent from a cybercriminal, looking to steal your passwords, information, or data. Especially savvy cybercriminals will send very authentic-looking emails. They are looking to charm or alarm you into believing immediate action must be taken.
Spear phishing is a highly specialized attack against a specific target or small group of targets to collect information or gain access to systems.
Examples
You might receive an email that appears to be from the Helpdesk, asking you to update your password by clicking on the provided link - don't do it!
By clicking on the email or on a link within the email, your computer can be infected with malware and/or viruses that can put both you and the university at risk.
Phishing can occur not only in your UTHSC email, but your personal email as well. It may be from PayPal, mentioning a purchase you know you didn't make. You get scared and you want to click on the link provided in the email - don't do it!
Your financial institution may contact you about a problem through email and may ask you to log into your account, but will never ask you to click on a link within the email.
Visit the Office of Cybersecurity's Phishing page for more information.
If you believe you have received a phishing email, do not click on any links or reply to the email, but forward it to abuse@uthsc.edu.
Malware
Malware is software (a computer program) used to perform malicious actions. Cybercriminals install malware on computers or devices to gain control over them or gain access to what they contain. Once installed, these attackers can use malware to spy on a user’s online activities, steal passwords and files, or use the system to attack others. Malware can even deny access to a user’s own files, demanding that they pay the attacker a ransom to regain control over them. This is called ransomware.
If you think your computer or device has been compromised in any way, contact the ITS Service Desk at 901.448.2222.
Spam
Unlike phishing emails, spam isn't dangerous - just annoying. Spam is the electronic equivalent of junk mail - unsolicited, bulk, and often unwanted – email.
How to Reduce Spam
- Enable filters on your email programs: Most ISPs (Internet Service Providers) and email providers offer spam filters. However, depending on the level you set, you may wind up blocking emails you want. It's a good idea to occasionally check your junk folder to ensure the filters are working properly.
- Report spam: Most email clients offer ways to mark an email as spam or report instances of spam. Reporting spam to abuse@uthsc.edu will also help to prevent the messages from being directly delivered to your inbox.
- Own your online presence: Consider hiding your email address from online profiles and social networking sites or only allowing certain people to view your personal information.
Help us reduce widespread spam by reporting it to abuse@uthsc.edu.