FIU Security

E-mail Scam Warning

E-mail Scam 1: Request for iTunes cards or Gift cards

How the scam works

  1. The scammer looks up the staff directory and identifies key high-profile members such as department deans, directors or VPs.
  2. The attacker then creates a fake e-mail address using g-mail or a compromised account. In many cases the fake e-mail address includes the name of the person they impersonate. For example, a fake account for John Doe, might be created as johndoe1428@gmail.com or a fake account for a dean, might be created as departmentdean685@gmail.com
  3. The next step is to look up employees that may work for that department head (via the same phone directory) and send a simple message to the employee, with content such as: “Are you available?” or “Are you on campus?” or “I’m in a meeting and can’t talk. I need a quick favor.”
  4. If the victim responds, the scammer claims to be busy and makes a urgent request for iTunes cards to be purchased, and request the user to e-mail pictures of the redeem code ASAP.

How to Address the E-mail

  • Do not respond to these e-mails. Instead, please forward a copy of the e-mail, as an attachment, to abuse@fiu.edu.
  • After forwarding the e-mail to abuse, mark the e-mail as junk. This will assist the e-mail protection tool block similar messages in the future.
  • To avoid these attacks, please pay close attention to the incoming e-mail address.

E-mail Scam 2: Hacked Camera, Bitcoin ransom

How the scam works

  1. The scammer gets a list of e-mail address and sends a fraudulent e-mail claiming to have access to your account.
  2. The e-mail claims to have hacked your computer’s camera and took compromising pictures of you.
  3. The e-mail usually reads as follows:
    • “I have bad news for you. I hacked your operating system and got full access to your account sample@fiu.edu. It is useless to change the password, my malware intercepts it every time.
      I am strongly believe that you would not like to show these pictures to your relatives, friends or colleagues. I think $809 is a very small amount for my silence. I accept money only in bitcoin!”
  4. The scammer makes the e-mail looks like it’s coming from your address through a process called spoofing. Spoofing allows the attacker to hide the real origin of the e-mail.

How to Address the E-mail

  • Do not respond to these e-mails. Instead, please forward a copy of the e-mail, as an attachment, to abuse@fiu.edu.
  • After forwarding the e-mail to abuse, mark the e-mail as junk. This will assist the e-mail protection tool block similar messages in the future.

Prevent Becoming a Victim of Tax Fraud

Tax season has officially begun. But you may not be the only one anticipating your tax return. Identity thieves are also anticipating obtaining your personal/sensitive information and/or receiving your tax return. Tax fraud occurs when your identity is assumed by someone other than you and through the knowledge of your personal/sensitive information is able to file your taxes and ultimately, receive your tax return. Read more...

Updated 2018 Cybersecurity Awareness Training

sans_training_shield

To end National Cybersecurity Awareness Month (NCSAM) and maintain our commitment to educate the University community on cybersecurity topics, the Division of Information Technology assigned the annual Cybersecurity Awareness Training to all employees on October 31, 2018.

Education and awareness is key to being able to defend against cyber attacks. As members of our FIU community, it is our responsibility to safeguard all information resources. The goal of the training is to help our University employees identify and prevent the loss of sensitive data and protect existing resources.

The annual training is part of our awareness efforts and requirements for regulations and compliance that the University must adhere to. The Division of Information Technology has updated the annual online Cybersecurity Awareness Training with enhanced content, current trends and the addition of compliance modules.Read more...

NIST and FIU Join Forces on Cybersecurity Education Outreach

The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) has announced a cooperative agreement with Florida International University (FIU) to help build national relationships that advance outreach in the cybersecurity education, training and workforce development communities. The collaboration will be managed by NIST’s National Initiative for Cybersecurity Education Program (NICE), as part of its mission to energize and promote a robust network and ecosystem of cybersecurity efforts. Read more...

FIU’s Cybersecurity Awareness Training

On March 20, 2017, the Division of IT launched a new Cybersecurity Awareness Training designed to help you identify and prevent the loss of sensitive data while protecting existing resources. Once a new curriculum is assigned, an email notification will be sent notifying you about the curriculum assignment. Read more...

Ransomware

As ransomware continues to pose an ongoing threat, the Security Primer document, by MS-ISAC, provides a security resource on current information on ransomware and recommendations to secure networks, systems and the end user, in addition to responding to a compromise or attack. Read the MS-ISAC Security Primer on Ransomware

Petya Ransomware

We are seeing a new global ransomware outbreak similar to the WannaCry attack this past May. Petya is the second major global ransomware attack in the past two months and is currently infecting hundreds of thousands of computers worldwide. Read more...

WannaCry Ransomware

As you may have seen in recent news, WannaCry is a new malicious Ransomware program which is currently infecting hundreds of thousands of computers worldwide. Read more...

Featured Videos

Web Security

Resources

  • Cybersecurity Awareness Training

    On March 20, 2017, the Division of IT launched a new Cybersecurity Awareness Training designed to help you identify and prevent the loss of sensitive data while protecting existing resources.

  • Online Security Tips

    Practice good online safety habits with these tips and advice from the National Cyber Security Alliance.

  • McAfee LiveSafe

    All currently registered students are eligible for a one-time free download of McAfee LiveSafe for Mac and PC. To download your free copy today, visit panthertech.fiu.edu and log-in with your MyAccounts username and password.

  • OpenDNS Phishing Quiz

    Ever wonder how good you are at telling the difference between a legitimate website and one that's a phishing attempt? One wrong click could expose your company to a data breach. Take the OpenDNS Phishing Quiz and discover how skilled you are at detecting malicious phishing attempts.

  • Khan Academy Cybersecurity 101 Quiz

    Whenever we go online—to shop, chat with our friends, or do anything else—we put ourselves at risk of cybercrime. Computer viruses can corrupt our files, hackers can steal our data, and criminals can trick us into revealing sensitive information. But luckily there are simple steps we can take to protect our digital lives.