Implementing Cybersecurity Measures while Working Remotely during COVID-19

To assist you during this transition, we have created the guideline below on how to implement cybersecurity measures while working remotely.


FIU Security

Information Technology Guideline for Remote Access & Work from Home

At FIU, employees have the ability to access University resources remotely depending on the resources and data they are accessing. To access certain resources, you must be enrolled in Two-Factor Authentication (2FA), which adds anotherlayer of security to the authentication process. View our Remote Access Guideline to learn more about connecting to FIU resources.


E-mail Scam Warning

E-mail Scam 1: Request for iTunes cards or Gift cards

How the scam works

  1. The scammer looks up the staff directory and identifies key high-profile members such as department deans, directors or VPs.
  2. The attacker then creates a fake e-mail address using g-mail or a compromised account. In many cases the fake e-mail address includes the name of the person they impersonate. For example, a fake account for John Doe, might be created as or a fake account for a dean, might be created as
  3. The next step is to look up employees that may work for that department head (via the same phone directory) and send a simple message to the employee, with content such as: “Are you available?” or “Are you on campus?” or “I’m in a meeting and can’t talk. I need a quick favor.”
  4. If the victim responds, the scammer claims to be busy and makes a urgent request for iTunes cards to be purchased, and request the user to e-mail pictures of the redeem code ASAP.

How to Address the E-mail

  • Do not respond to these e-mails. Instead, please forward a copy of the e-mail, as an attachment, to
  • After forwarding the e-mail to abuse, mark the e-mail as junk. This will assist the e-mail protection tool block similar messages in the future.
  • To avoid these attacks, please pay close attention to the incoming e-mail address.

E-mail Scam 2: Hacked Camera, Bitcoin ransom

How the scam works

  1. The scammer gets a list of e-mail address and sends a fraudulent e-mail claiming to have access to your account.
  2. The e-mail claims to have hacked your computer’s camera and took compromising pictures of you.
  3. The e-mail usually reads as follows:
    • “I have bad news for you. I hacked your operating system and got full access to your account It is useless to change the password, my malware intercepts it every time.
      I am strongly believe that you would not like to show these pictures to your relatives, friends or colleagues. I think $809 is a very small amount for my silence. I accept money only in bitcoin!”
  4. The scammer makes the e-mail looks like it’s coming from your address through a process called spoofing. Spoofing allows the attacker to hide the real origin of the e-mail.

How to Address the E-mail

  • Do not respond to these e-mails. Instead, please forward a copy of the e-mail, as an attachment, to
  • After forwarding the e-mail to abuse, mark the e-mail as junk. This will assist the e-mail protection tool block similar messages in the future.

Ensuring a Secure Zoom Session

Since the onset of remote work, attackers have been seeking ways to target individuals and take advantage of vulnerabilities. With the extensive use of videoconferencing tools, such as Zoom, to facilitate the remote work environment, attackers have realized ways to gain unauthorized access and disrupt normal business activities. There have already been 2 privacy and security concerns related to Zoom... Read more...

Prevent Becoming a Victim of Tax Fraud

Tax season has officially begun. But you may not be the only one anticipating your tax return. Identity thieves are also anticipating obtaining your personal/sensitive information and/or receiving your tax return. Tax fraud occurs when your identity is assumed by someone other than you and through the knowledge of your personal/sensitive information is able to file your taxes and ultimately, receive your tax return. Read more...

2019 Cybersecurity Awareness Training


To maintain our commitment to educate the University community on cybersecurity topics, the Division of Information Technology assigned the annual Cybersecurity Awareness Training to all employees on December 2, 2019.

Education and awareness is key to being able to defend against cyber attacks. As members of our FIU community, it is our responsibility to safeguard all information resources. The goal of the training is to help our University employees identify and prevent the loss of sensitive data and protect existing resources. Read more...

NIST and FIU Join Forces on Cybersecurity Education Outreach

The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) has announced a cooperative agreement with Florida International University (FIU) to help build national relationships that advance outreach in the cybersecurity education, training and workforce development communities. The collaboration will be managed by NIST’s National Initiative for Cybersecurity Education Program (NICE), as part of its mission to energize and promote a robust network and ecosystem of cybersecurity efforts. Read more...


As ransomware continues to pose an ongoing threat, the Security Primer document, by MS-ISAC, provides a security resource on current information on ransomware and recommendations to secure networks, systems and the end user, in addition to responding to a compromise or attack. Read the MS-ISAC Security Primer on Ransomware

Petya Ransomware

We are seeing a new global ransomware outbreak similar to the WannaCry attack this past May. Petya is the second major global ransomware attack in the past two months and is currently infecting hundreds of thousands of computers worldwide. Read more...

WannaCry Ransomware

As you may have seen in recent news, WannaCry is a new malicious Ransomware program which is currently infecting hundreds of thousands of computers worldwide. Read more...

Featured Videos

Web Security


  • Cybersecurity Awareness Training

    On March 20, 2017, the Division of IT launched a new Cybersecurity Awareness Training designed to help you identify and prevent the loss of sensitive data while protecting existing resources.

  • Online Security Tips

    Practice good online safety habits with these tips and advice from the National Cyber Security Alliance.

  • McAfee LiveSafe

    All currently registered students are eligible for a one-time free download of McAfee LiveSafe for Mac and PC. To download your free copy today, visit and log-in with your MyAccounts username and password.

  • OpenDNS Phishing Quiz

    Ever wonder how good you are at telling the difference between a legitimate website and one that's a phishing attempt? One wrong click could expose your company to a data breach. Take the OpenDNS Phishing Quiz and discover how skilled you are at detecting malicious phishing attempts.

  • Khan Academy Cybersecurity 101 Quiz

    Whenever we go online—to shop, chat with our friends, or do anything else—we put ourselves at risk of cybercrime. Computer viruses can corrupt our files, hackers can steal our data, and criminals can trick us into revealing sensitive information. But luckily there are simple steps we can take to protect our digital lives.