Rising Cybersecurity Threats

March 1, 2022

Protect your password, computer, and bank account

hooded figure working on laptop with text from phishing messages overlaid

University data shows phishing attempts are on the rise. As a result, your NetID password is at risk.

Bad actors, from individual criminals to hacking groups, are taking advantage of current world events. They’re leveraging uncertainty to make a profit or disrupt daily business. The University of Arizona, as a Tier 1 research institution, is a target.

Lanita Collette, the University Chief Information Security Officer, reports that the University is seeing more than twice as many phishes reported in the past few months. The Information Security Office is getting reports of “vishing” as well—phone-based (voice) phishing.

Susan Legg, Executive Director of IT Support Services, says, “The 24/7 Support Center is getting calls from students who see that their password was changed when they didn’t make that change.” She reports that some hackers knew enough about their target to be able to answer security questions to change a password.

The University has controls in place to protect against phishing including two factor authentication, among others. In addition, the 24/7 Support Center has increased security around password changes. They no longer change passwords over chat support, and they no longer provide NetID+ (Duo) passcodes at the same time as a password change.

Some scams will attempt to get you to provide access to your bank account or spend your own money to buy gift cards. One warning sign is asking you to switch contact to a personal email system outside University email safeguards.

Recent phishing attempts are posted at Phishing Alerts. They show common themes including:

  • Job opportunities (that often sound too good to be true).
  • Pretenses of being a busy person known to you needing immediate help.
  • Messages from “the IT department” about your email.
  • Various attempts to get you to open a web link or attachment.

Responding to these email (and phone) tactics can result in a stolen password, an infected computer/mobile device, or financial loss.

Please remain vigilant and learn more about how to protect yourself from cybersecurity threats.