IT Security Alerts and Advisories 

Phishing for Passwords

There have been a number of recent email-based "phishing" attempts in which recipients are requested to provide their login credentials.  While many of these campaigns look obviously suspicious, some have been very carefully crafted so as to appear to be genuine.

Please be advised that IT Services will never request users to divulge their login information via email.  If you are the recipient of such an email request, please ignore it and delete it. 

If you suspect that you may have been a victim of such a phishing attempt, you should change your password immediately.

 For more information on phishing, see the following article entitled Anatomy of a Phishing Attempt.


Be Careful What You Say

Social networks like Facebook and Twitter are great, but you need to be careful about the information you reveal about yourself on them.

Case in point: a well-known blogger tweets that she is turning 35 in a couple of days.

A harmless piece of information?  Maybe.  Maybe not.

Using the information in this tweet, it would be easy to figure out the birth date of the tweeter.

A malicious individual could take that information and begin assembling a profile that might ultimately be used to steal the blogger’s identity.

Yes, it’s just one piece of information, but date of birth is a key personal identifier.

Information such as this can and has been used successfully to impersonate somebody for malicious purposes.







Twitter Facebook Linkedin Flikr UFV on Google+ YouTube goUFV