March

Main Content

Follow-Up Information Regarding Recent Cyber Threat Announcement

Friday, March 24, 2023

TO:All UMMC Personnel
FROM: Benson Hill, Information Security and Privacy Officer
SUBJECT: Follow-Up Information Regarding Recent Cyber Threat Announcement

Currently, the suspicious activity mentioned in the earlier Campus Memo found hereis from California-registered addresses only. If the threat changes, the block on logging into the UMMC system may extend to other states.

In addition to active security measures taken to deal with this threat, everyone should be mindful about the importance of phishing awareness. Phishing is a common tactic used by cybercriminals to trick individuals – through craftily developed communications that sometimes look like they are from official sources – into divulging sensitive information or installing malware on their systems.

To avoid falling victim to phishing scams, please keep the following tips in mind: 

  • Be cautious of emails, texts or phone calls from unknown sources asking for personal information or urgent action.
  • Verify the legitimacy of any email or website requesting login credentials or personal information.
  • Be wary of unexpected attachments or links, especially from unknown sources.

The US Federal Trade Commission has published a helpful guide on avoiding phishing scams on their website here.

Everyone should be vigilant when approving Multi-Factor Authentication, MFA for short, requests. While MFA is an important security measure, cybercriminals have been known to use social engineering tactics to trick individuals into approving fraudulent MFA requests.

To ensure that MFA requests are valid, please verify the legitimacy of the request before approving it. If you are unsure, please contact the DIS Help Desk for assistance at helpdesk@umc.edu or 4-1145. 

If you suspect that you have received a phishing email or have fallen victim to a phishing scam, please report it to the Help Desk immediately and forward the email to abuse@umc.edu. 

We take the security of our organization very seriously, and we appreciate your cooperation in helping us maintain a secure environment. 

Thank you.