Learn About Security
ITS Help Desk Resources
- How to spot fake e-mail addresses
- Understanding Website Names
- How To Unmask Concealed URLs
- How To Spot Deceptive Internet Addresses
- Forged E-mail Addresses
- OnGuardOnline.gov - Phishing game: http://www.onguardonline.gov/media/game-0011-phishing-scams
Several variations of fraudulent e-mail messages claiming to be from UIOWA Support, UIOWA.EDU, Webmaster@uiowa, etc. have been reported over the last several months. Phishing e-mails claim that you must either click on a link to log in to a website, or click on a link and provide personal information such as your password, the last four digits of your Social Security number, or your date of birth, or else risk having your accounts deactivated.
These are not legitimate messages.
ITS will never ask you to send passwords or any other personal information in an e-mail.
Be especially cautious of links in e-mail messages that take you to websites that ask for your HawkID.
NEVER respond to spam or phishing e-mails if you receive them. Responding to the message only identifies your email address as a target for future phishing schemes. The best course of action is to just delete the message.
"Spear phishing" e-mails are particularly difficult to block at the gateway because they are so targeted. However, ITS does its best to block these e-mails from coming through as soon as they are detected and to block responses to the address from which they are sent. If you accidentally replied to one of these messages with your password, change your HawkID password immediately at http://hawkid.uiowa.edu and contact the ITS Help Desk to report it as soon as possible.
Sample text of recent fraudulent e-mails
Note: Variations of this type of e-mail may exist.
Detect Phishing Scam Messages – Samples Explained
The following two examples are of a phishing scam that managed to solicit a number of responses from users on campus.
Message clues for detecting a phishing scam:
- Hovering your cursor over the link shows that the website is in Russia. (The first part of the link would take you to a web server at “dening.ru” even though the message text says “netid-uiowa.edu”.) All UI messages should point to a UIOWA.EDU website. In addition, the link text should always match the link itself.
- The language is not conventional for the United States. “checkmates” “hereunder” “malicious malware code unnoticed” and “malignant viruses” are examples.
- Messages do not typically include the UI logo.
- The From: address appears to be from a uiowa.edu service account, but it doesn’t exist. A “forged” university address such as this is very difficult to spot. Service messages from the university should always be sent from a valid @uiowa.edu email address.
Message clues for detecting a phishing scam:
- Hovering your cursor over the link shows that the website is located at “war is on”. (Always look at the first section of the link, which in this case would take you to a web server at “warison.org”.) Official UI messages with links should point to a UIOWA.EDU website. It is just as important to check the actual link address when the text is not in URL form, such as “click here …” above, as when the text is in URL form.
- All official messages should be from an appropriate University of Iowa account. The From: address above is a (compromised) university account rather than an HR account. Hover over the name and you will see the person’s position and department. You would not expect a message from HR to be sent by someone who is not affiliated with HR, such as an Assistant Professor.
- Mass Email messages to the University should include the standard footer information:
Distribution of this message was approved by the VP for Human Resources or approved delegate. Neither your name nor e-mail address was released to the sender. The policy and guidelines for the UI Mass Mail service, including information on how to filter messages, are available at: http://its.uiowa.edu/apps2/support/massmail.
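The two link checks described in the clue lists above (does the link's host actually belong to uiowa.edu, and does link text that looks like an address match the real destination) written out as an added Python example; this is not code from the original page, and the sample message bodies are constructed to mirror the two scams described:

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Domain that official university links are expected to point at.
OFFICIAL_DOMAIN = "uiowa.edu"


def host_of(url):
    """Return the lowercase host (the "first section" of a link), or "" if none."""
    return (urlparse(url).hostname or "").lower()


def in_domain(host, domain):
    """True if host is the domain itself or a subdomain of it."""
    return host == domain or host.endswith("." + domain)


class LinkCollector(HTMLParser):
    """Collects (link text, href) pairs from an HTML message body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None   # href of the <a> currently open, if any
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def link_clues(html, domain=OFFICIAL_DOMAIN):
    """Return one clue string per suspicious link, in document order."""
    parser = LinkCollector()
    parser.feed(html)
    clues = []
    for text, href in parser.links:
        host = host_of(href)
        if not in_domain(host, domain):
            clues.append(f"link goes to {host!r}, not a {domain} site")
        # Link text that looks like a web address must name the real destination.
        if "." in text and " " not in text:
            text_host = host_of(text if "://" in text else "//" + text)
            if text_host and text_host != host:
                clues.append(f"text says {text_host!r} but link goes to {host!r}")
    return clues


# Constructed sample bodies modelled on the two scams described above.
SAMPLE_RUSSIA = '<p>Verify: <a href="http://dening.ru/login">netid-uiowa.edu</a></p>'
SAMPLE_HR = '<p>New policy: <a href="http://warison.org/hr">click here ...</a></p>'
SAMPLE_OK = '<p><a href="https://hawkid.uiowa.edu/">hawkid.uiowa.edu</a></p>'
```

Running `link_clues` over a message body gives the same clues a reader gets by hovering over each link, which makes the check usable in an automated mail filter as well as by hand.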
The vast majority of compromised systems result from a user falling for some form of cleverly worded social engineering trick. These ploys get users to give out personal information such as their HawkID and pass phrase, which allows criminals unfettered access to all of the systems and services their accounts can reach. Manipulation attacks can likewise entice users to click a link that takes them to an infected website. Malware that infects systems this way usually takes hold via vulnerabilities in an unpatched or out-of-date system.
We have all heard the saying that there is strength in numbers. Without team effort, many projects and processes fail. A team only succeeds when all of the members understand the team goals, individual roles, and how each person’s performance and commitment contribute to achieving the goals of the group. Individuals should be encouraged to toughen and tighten up as much of their personal environment as they can, with the idea that if each team member does so, the result is an overall almost impermeable barrier to attack. Compliance is everyone’s responsibility. For more information on what you can do to secure your personal workstation, look at the IT Compliance resource list here: http://learnaboutsecurity.uiowa.edu/compliance.shtml.
To help combat computer threats on the Internet, the University Information Security and Policy Office maintains IT security awareness education materials to convey important computer security principles. Feedback received from previous years has enabled us to improve the online course to address these needs and to allow computer users to acquaint themselves with their roles and responsibilities in protecting university data and assets.
We recommend that all faculty, staff, and applicable student staff complete security awareness training. This course meets the requirement of various regulations that require security training (for persons with access to sensitive information), and takes on average only 30 - 60 minutes to complete.
You are invited to enroll and complete the course, located in Employee Self-Service “My Training” listed under ICON courses. Step by step instructions for enrolling are listed below.
To register for the course:
- Log in to Employee Self Service
- Under the Personal tab, go to Learning and Development
- Click on My Training
- In My Training click on the Available Online Icon Courses link
- Scroll down and click on the course title "Security Awareness Training", then follow the on-screen prompts to register for and take the course
To return to the course:
- Log in to Employee Self Service
- Navigate to My Training
- Click on course title "Security Awareness Training" under Icon Courses Currently Enrolled In to continue
Please Note: The course will only show as completed in your HR-Self Service records if the ICON quiz is passed with an 80% or greater proficiency.
Additional training modules available through HR-Self Service are:
Digital Media Disposal Training (see available Sessions & Series in HR - Self Service)
FERPA Training (see available ICON Courses in HR - Self Service)
HIPAA Privacy Training (see available ICON Courses in HR - Self Service)
If you experience any difficulty and need assistance, please contact the Information Security and Policy Office at 335-6332 or e-mail: firstname.lastname@example.org
External Non-UI IT Security related online courses:
TEEX (Texas A&M Engineering Extension Service) Domestic Preparedness Campus
First-time users will need to register. At the link above they would need to click New User. Fill out the information that applies to them, leaving out the rest (i.e. military/federal government). Once users register, they access the course with the user ID and password they created upon registering.