Kansas State University

search

IT News

Category: Cybersecurity

Phishing Scams: Watch out for job scams

Posted on by Christine Doucette

Are you looking for a job? While looking for a job, be on the lookout for cybercriminals because they are looking for you. At the end of a semester, it is common for cybercriminals to target students, faculty and staff who may be looking for a job.

Cybercriminals will target you with emails “inviting you to interview with their company.” The emails will include a sense of urgency, such as “interview with us now because slots are filling up” or “schedule your interview now before the position is filled.”

Some cybercriminals will ask you to download a particular app or device for the interview. Do not click on any links or download any apps; this is a scam. These malicious apps can install malware on your device and leak personal information. After stealing your information, cybercriminals could use it to impersonate you, commit financial fraud or scam other unsuspecting people via your accounts. Continue reading “Phishing Scams: Watch out for job scams”

Phishing Scam: “URGENT: Suspected Exposure Incident Detected”

Posted on by Christine Doucette

A new phishing scam email has been circulating through several colleges and universities nationwide and even in Kansas. The email’s subject line is “URGENT: Suspected Exposure Incident Detected.” DO NOT fall for this scam. DO NOT click on any links. Immediately delete the email.

The links within the phishing email are cloned to login pages and even ask you for Duo verification. If you fall for this phishing email, immediately change your eID password and report the incident to abuse@k-state.edu.

The “URGENT: Suspected Exposure Incident Detected” phishing scam preys on people’s fear of spreading a contagious virus. The email provides a link to a webpage to determine if you have been in contact with the virus. It is important to note that the scammers send emails from university employees or department heads. Do not fall for this scam.

To learn more about identifying phishing scams, view the Phishing Scams webpage.

Think before you click. More than 90% of successful cyberattacks start with a phishing email. If you receive a suspected phishing email, immediately report the email to abuse@k-state.edu.

Complete Cybersecurity Awareness training by April 30

Posted on by Cathy Rodriguez

""The deadline to complete Cybersecurity Awareness training is Tuesday, April 30.

All faculty, staff, and student employees are required to complete the training, or you will lose your eID access. You can complete the training at your own pace, whether in one or multiple sittings. On average, most people complete the training in under one hour.

If you fail to complete the training, you will lose access to all University systems on May 21. Once you complete the training, your access will be restored.

If you have student employees who are no longer employed, be sure to terminate them in HRIS to prevent their access from being removed if they are still active students.

Take the trainingAccess the training

  1. Visit the Division of Information Technology website: https://www.k-state.edu/it/.
  2. At the bottom of the page, under the Cybersecurity Awareness Training section, click the Take the training button.

Record of training completion

After you complete the training, your training record in HRIS will be updated. It will be listed under the Training Summary as Cybersecurity Awareness, with the course code WIT590 and course session 2024.

If you have questions about the Cybersecurity Awareness training, contact the IT Service Desk:

  • Phone: 785-532-7722
  • Live chat
  • Walk-in: 2nd Floor, Hale Library

Records & Information Management month: Email records management

Posted on by Christine Doucette

As part of Records & Information Management Month, the K-State Libraries and the Division of IT collaborate to illuminate crucial aspects of records and information management. This week’s focus is on email records.

Every K-State employee is individually responsible for handling and maintaining records (including University email and other electronic records) under university policy and requirements. Emails are records that may contain evidence of official University actions, decisions, approvals, or transactions. Email is subject to statutes of the State of Kansas, KSA 45-401 through 45-414, which applies to preserving and destroying records.

Email Records Frequently Asked FAQs provide guidance for creating, managing, archiving, and deleting emails. Retention periods are listed on the Records Retention Schedule. Continue reading “Records & Information Management month: Email records management”

Records & Information Management month: How to identify transitory records

Posted on by Christine Doucette

As part of Records and Information Management Month, the K-State Libraries and the Division of IT collaborate to illuminate crucial aspects of records and information management. This article focuses on defining the types of transitory records and how to dispose of the records properly.

Examples of Transitory Records

  • Announcements and notices of a general nature
  • Blank forms
  • Convenience or duplicate copies
  • Drafts
  • Messages where the information has no operational value
  • Superseded lists
  • In-house publications that are obsolete, superseded or otherwise no longer useful

Continue reading “Records & Information Management month: How to identify transitory records”

K-State using geolocation for cybersecurity

Posted on by Christine Doucette

""The internet is an incredible tool for learning and sharing information, but it poses a cybersecurity threat. To keep hackers from stealing your personal information, K-State uses geolocation to safeguard accounts from being compromised by utilizing IP information. If suspicious activity is recognized, the user will receive an email notification of the activity with recommendations on the next steps, which could include updating account passwords.

Continue reading “K-State using geolocation for cybersecurity”

Records & Information Management month: What is a record?

Posted on by Christine Doucette

As part of Records and Information Management Month, the K-State Libraries and the Division of IT collaborate to illuminate crucial aspects of records and information management. This article delves into the fundamental concept of a record and explores the diverse types of records commonly generated within organizational contexts.

What is a record?

Records are information you create and maintain while doing your job. Records can be in any media, including paper, magnetic tape, and optical disks. Work-related records (including email) that you produce in your home and on your personal home computers are still the property of K-State. Your records are unique to K-State and are evidence of who you are and what you do.

The best way to keep track of your records is by doing a thorough inventory. This means checking all your electronic systems and all places where records might be kept. An inventory is the first step in developing a formal records management program. Continue reading “Records & Information Management month: What is a record?”

Annual Cybersecurity Awareness training begins April 1

Posted on by Christine Doucette

The annual Cybersecurity Awareness Training will be delivered to your K-State email inbox on Monday, April 1. All faculty, staff and student employees must complete the online training by Tuesday, April 30.

The training will teach you to spot phishing scams, keep passwords safe, and practice cyber hygiene. This training is mandatory for all state agencies through the State of Kansas ITEC Policy 7230 – Information Technology Enterprise Security Policy. Continue reading “Annual Cybersecurity Awareness training begins April 1”

Impersonation phishing scam hits campus

Posted on by Cathy Rodriguez

The cybersecurity landscape is constantly evolving, making it vital to stay ahead of the curve in safeguarding digital assets. A recent phishing scam at K-State involved what is known as CEO Fraud. CEO Fraud preys on the trust and authority associated with executive positions to deceive employees into carrying out fraudulent activity. 

In this example, the scammer sent a K-State employee an email impersonating a department head, asking the staff member to download a file about a pay adjustment. Instead of clicking the link in the email, the alert employee checked with the department head to see if they had sent the email. The supervisor hadn’t sent the email. This was a scam. 

Remember: Don’t open email links or unexpected or unusual attachments, attachments from strangers or strange-looking emails. 

Any email attachment or link can carry software designed to damage or exploit your device or network. The malware will launch once you open the attachment or click the link. Vigilance and skepticism are our best defenses against impersonation scams. 

Tips to prevent becoming a victim of phishing scams: 

  • Don’t reply to a suspicious, unexpected or strange email. 
  • Be wary of emails with urgent requests for your personal or financial information or your sign-in credentials. 
  • Don’t open unexpected or unusual attachments, attachments from strangers or strange-looking emails. 
  • Don’t click links in unexpected emails, emails you suspect are fraudulent or if you don’t know the sender. 
  • Don’t click Sign In links. Go to the business website and sign in there or contact their customer service for help. 
  • Avoid filling out forms in email messages that ask for financial information. Only share credit card information via a secure website or telephone. 

If you receive a suspicious email, forward it to abuse@ksu.edu and be sure to include the email headers in your message. 

When to use K-State’s VPN

Posted on by Christine Doucette

You must use a Virtual Private Network (VPN) when accessing protected proprietary and confidential data and campus resources while working offsite on an unsecured wireless network. A VPN encrypts your data so it cannot be intercepted by others using the same unprotected wireless network, such as at a hotel, airport or coffee shop. K-State’s VPN is GlobalProtect and is free for all active K-State students, faculty and staff.

Continue reading “When to use K-State’s VPN”