In early 2024, UW–Madison updated the Duo multi-factor authentication service. You may notice the Duo security prompt looks a bit different.
Cybersecurity News
The Office of Cybersecurity manages the university’s risk-reduction efforts through data protection, ongoing diagnostics, cybersecurity awareness training and policies and procedures to safeguard intellectual property and sensitive information.
12/20 phishing alert! Subject: “Salary Increase Notification”
There’s an active phishing campaign on campus in which the attacker impersonates a payroll & employees relations specialist sending information about a pay increase. The email asks recipients to click a link.
Buyer beware: email from financial consultant lead-generation service
While this isn’t a phishing attempt or outright fraud, it’s at best a hidden—and therefore misleading—marketing attempt we want you to be aware of.
Scam alert: phishing attempts to access NetID & MFA-Duo credentials
Beware of phishing attempts to access your MFA-Duo credentials. If you fall for the scam, criminals could then attempt to reroute your direct deposit information.
10/20 phishing alert! Subject: “[Not Virus Scanned] 16.89 % Salary Increase Letter 20 October 2023”
There’s an active phishing campaign on campus in which the attacker impersonates a payroll & employees relations specialist sending information about a pay increase. The email asks recipients to click an attached PDF.
Enter the Cybersecurity Awareness Month meme contest
Who, meme? Yes, you! Showcase your creativity, humor and cybersecurity awareness for a chance to have your meme displayed in the next TechNews!
8/19 phishing alert! Subject: “Open position & student welfare”
Watch out for an active phishing campaign on campus in which the attacker offers a a part-time, work-from-home job.
4/7 phishing alert! Subject: “Alert: Possible Exposure to Monkeypox Virus at the University”
In an active phishing campaign to UW email addresses, scammers prompt you to enter your NetID and password on a fake profile page. The scammers then use this information to change your direct deposit information.
LastPass update & recommendations
LastPass is a password manager available to faculty, staff and students. Though LastPass experienced a security incident late last year, we believe using it continues to be low risk.
Tips to avoid tax season fraud
Don’t get scammed by IRS impersonators or make a poor choice on tax preparers. Protect your money and personal information with these tips. And a reminder: Take these steps if you get a suspicious email.