May 16, 2017

Protect yourself against WannaCry and other ransomware

A malicious software program named “WannaCry” has recently made news through large-scale infections in more than 100 different countries. “WannaCry” is a type of malicious software known as ransomware. It is most often downloaded as an attachment as part of a phishing email scam, and then gains access to the computer and locks the system owner out of their files.

Here’s how you can protect yourself:

  • If your computer requests a reboot, please allow the reboot to happen. Microsoft continues to release security patches for affected versions of Windows – Information Systems will continue to push the patches to University owned computers as they become available.
  • Set up Google 2-Step Verification to protect your email, WIN, and other WFU accounts.
  • Ensure that your data is backed up.
  • Be aware of phishing emails that ask you to click on a link or open an attachment, especially when you do not know the sender. Be even more cautious when that link or attachment asks you for your password. If a website does ask for your credentials, feel free to contact the Information Systems Service Desk to determine if the request is valid.
  • Keep all of your personal devices such as iPads, laptops, and smartphones current on software updates.
  • Be aware that some mobile applications may be susceptible to hackers and marketers so be selective when downloading apps.

Specific details on how to implement these security measures can be found here.

If you have questions concerning this message or need assistance, please contact the Information Systems Service Desk at help@wfu.edu or 336-758-4357 (HELP).

Feb 24, 2017

The IRS will NOT request personal information by email- EVER

You are the first line of defense for protecting your personal information from phishing email attacks. It is tax season and it is important to remember that the IRS, banks or other institutions will never ask for personal information via email. If you receive notification that you are a victim of identity theft, learn more at the IRS web site.

If you are unsure about the content or validity of an email, don’t respond to it and forward the email to the Information Systems Security Team at infosec@wfu.edu for further analysis.

If you have fallen for a phishing email, complete the next steps immediately:

  • Change your WFU Google email password to a new password. Never reuse old passwords.
  • Implement Google 2-Step Verification to protect your WFU Google email and data. Consult the following video or contact the Information Systems Service Desk at help@wfu.edu or 336-758-4357 (HELP) for assistance.
  • Learn more on how to identify phishing emails by viewing the video ‘Avoiding phishing scams’ here.
  • Be wary of all links in emails. If in doubt, contact the sender to validate the request.
  • Malware is often delivered as an email attachment. Most common safe attachments are .doc, .docx, .ppt, .pptx, .xls, .xlsx.  Don’t open attachments that end with .ws, .zip, .docm, .exe, .js, scr

Jan 19, 2017

January 2017 – Phishing email scams are on the rise

In recent weeks, you may have received phishing emails that look as though they are coming from Wake Forest University faculty, staff or students to other WFU users. It appears as if the WFU user is sharing important information in a document that requires your WFU username and password to access. Be skeptical when a message asks you to click on a link, especially when you do not know the person. Be even more aware when that link asks you for your password. If a website does ask for your credentials, feel free to contact the Information Systems Service Desk to determine if the request is valid.

Do not become a phishing victim:

  • Set up Google 2-Step Verification for added security. This prevents hackers from being able to access your email account even if they have your password. Learn more at infosec.wfu.edu or contact the Service Desk.
  • Be wary of all links in emails. If in doubt, contact the sender to validate the request.
  • Never provide your personal information in response to emails.
  • Malware is often delivered as an email attachment. Most common safe attachments are .doc, .docx, .ppt, .pptx, .xls, .xlsx.  Don’t open attachments that end with .ws, .zip, .docm, .exe, .js, .scr

Did you get a phishing email and provide your personal information?

Change your password immediately and delete the message. If you have questions about changing your password, visit this link: http://is.wfu.edu/services/account-password/

Tis the season…

It’s tax season and every year new phishing attempts appear to come from the IRS. The IRS does not initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. Please forward any unsolicited email claiming to be from the IRS or an IRS-related function to phishing@irs.gov.

Want to learn more about phishing emails?

Review this helpful course from Lynda.com. Click the sign-in button in the top right corner.

If you have any questions or concerns about security-related topics, please contact the security team at infosec@wfu.edu.

Oct 14, 2016

Phishing Email

A phishing email is being sent asking for validation of Employee Mailboxes.  PLEASE DELETE THE EMAIL and DO NOT CLICK ON THE LINK.  Please see the example below.

Beginning of Phishing Email

To:

Please this is very important. we are expanding and validating all Employee Mailbox immediately. Please click on this link http://site9289653.92.webydo.com/?V=1 and fill the form correctly and Click send for immediate validation.
Technical Support

End of Phishing Email