Kansas State University

search

IT News

Category: Privacy

Phishing Scam: “URGENT: Suspected Exposure Incident Detected”

Posted on by Christine Doucette

A new phishing scam email has been circulating through several colleges and universities nationwide and even in Kansas. The email’s subject line is “URGENT: Suspected Exposure Incident Detected.” DO NOT fall for this scam. DO NOT click on any links. Immediately delete the email.

The links within the phishing email are cloned to login pages and even ask you for Duo verification. If you fall for this phishing email, immediately change your eID password and report the incident to abuse@k-state.edu.

The “URGENT: Suspected Exposure Incident Detected” phishing scam preys on people’s fear of spreading a contagious virus. The email provides a link to a webpage to determine if you have been in contact with the virus. It is important to note that the scammers send emails from university employees or department heads. Do not fall for this scam.

To learn more about identifying phishing scams, view the Phishing Scams webpage.

Think before you click. More than 90% of successful cyberattacks start with a phishing email. If you receive a suspected phishing email, immediately report the email to abuse@k-state.edu.

When to use K-State’s VPN

Posted on by Christine Doucette

You must use a Virtual Private Network (VPN) when accessing protected proprietary and confidential data and campus resources while working offsite on an unsecured wireless network. A VPN encrypts your data so it cannot be intercepted by others using the same unprotected wireless network, such as at a hotel, airport or coffee shop. K-State’s VPN is GlobalProtect and is free for all active K-State students, faculty and staff.

Continue reading “When to use K-State’s VPN”

Be aware of phishing scams

Posted on by Christine Doucette

""Phishing scams are used by cybercriminals to trick you into sharing personal information, such as passwords, credit cards, social security and bank account numbers, by sending you fraudulent emails or directing you to a fake website. K-State and legitimate businesses will never ask for your account, personal or financial information by email. Learn what a phishing scam looks like.

Sophisticated attackers will even attempt to get you to disclose passcodes from your Duo app to bypass the protections that two-factor authentication provides. K-State will never ask you to provide a Duo passcode immediately after completing the standard login confirmation. If you are ever asked to give that in combination with your password – you are being scammed. Continue reading “Be aware of phishing scams”

Increased phishing scams during the holidays

Posted on by Christine Doucette

""Be on the lookout for increased phishing email scams this holiday season.

Phishing is an attempt by cybercriminals, posing as a legitimate business, to trick you into sharing personal information, such as passwords, credit card numbers, Social Security numbers, or bank account numbers, via a fraudulent email or website.

Sophisticated attackers will even attempt to get you to disclose passcodes from your Duo app to bypass the protections that two-factor authentication provides. K-State will never ask for your Duo backup passcode immediately following login. If you are ever asked to give that in combination with your password – you are being scammed. Immediately report the email to abuse@ksu.edu.

For additional information on how Duo passcodes work, view the Duo Passcode knowledge base article.
Continue reading “Increased phishing scams during the holidays”

When traveling, use K-State’s VPN

Posted on by Christine Doucette

Are you traveling for work? Remember to use GlobalProtect, K-State’s Virtual Private Networking (VPN). When working offsite, the VPN should be used to access protected proprietary and confidential data and campus resources. From off-campus, use the VPN to connect to campus resources securely.

To use the VPN software, you must be a K-State student or employee with an active K-State eID and internet connection.

Continue reading “When traveling, use K-State’s VPN”

When to use K-State’s VPN

Posted on by Christine Doucette

Are you traveling for work this summer? Remember to use GlobalProtect, K-State’s Virtual Private Network (VPN). When working offsite, the VPN should be used when you need to access protected proprietary and confidential data and campus resources. From off-campus, use the VPN to connect to campus resources securely.

To use the VPN software, you must be a K-State student or employee with an active K-State eID and internet connection.

Continue reading “When to use K-State’s VPN”

North Korea using social engineering to hack universities

Posted on by Christine Doucette

""In light of recent developments in the cybersecurity landscape, the Division of Information Technology (IT) feels it is imperative to communicate the evolving threats to our community. One such concern involves a North Korean group known as Kimsuky, a state-sponsored cyber threat actor notorious for their sophisticated spear-phishing attempts. Spear-phishing is a targeted form of phishing where the attacker impersonates a known or trusted entity to deceive individuals into revealing sensitive information. Continue reading “North Korea using social engineering to hack universities”

Increased SMS text phishing attempts

Posted on by Christine Doucette

""In collaboration with the Office of Private Sector (OPS), the FBI San Francisco Field Office has recently issued a report highlighting a surge in “smishing” attempts. Smishing (or SMS text phishing) is a fraudulent practice where text messages trick individuals into divulging sensitive information. This can range from personal and financial information to company-specific data and employee credentials.

These threat actors often pose as fellow employees or company leaders to persuade recipients to share sensitive data. This information can then be used for various criminal activities, including financial gain, further breaches at a company, or even targeting other employees. Continue reading “Increased SMS text phishing attempts”

When to use K-State’s VPN

Posted on by Christine Doucette

K-State’s Virtual Private Networking (VPN) is GlobalProtect. When working offsite, the VPN should be used when you need to access protected proprietary and confidential data and campus resources. From off-campus, use the VPN to connect to campus resources securely.

To use the VPN software, you must be a K-State student or employee with an active K-State eID and have an internet connection.

Continue reading “When to use K-State’s VPN”

When to use K-State’s VPN

Posted on by Christine Doucette

K-State’s Virtual Private Networking (VPN) is GlobalProtect. The VPN should be used when accessing protected proprietary and confidential data and campus resources when working offsite. From off-campus, use the VPN to remotely connect to campus resources securely.

Continue reading “When to use K-State’s VPN”