Information Security's mission is to defend the institution's data, systems, infrastructure, and users from cybersecurity threats.
Cybersecurity: Job Scammers Targeting UNC
Job scammers are targeting UNC students with fraudulent job offers intending to drain the victim's bank account. These positions are listed as: Personal Assistant, Income Opportunities, or other flexible jobs customized for students enticing them with pay of between $300 and $450 a week. All UNC approved jobs are offered up via the Handshake service provided by UNC’s Center for Career Readiness. https://unco.joinhandshake.com/login
Please visit the IM&T Phish bowl for UNC Approved Emails and Phishing Alerts: https://www.unco.edu/information-management-technology/phishing/phishing-spam.aspx
We are seeing a number of Corona virus or COVID-19 scams. Please use caution when clicking on links or responding to emails, especially external emails, regarding this subject. https://www.unco.edu/information-management-technology/phishing/phish-alert-covid-general.aspx
Fake Zoom emails
Students should be receiving Zoom invites through their Canvas course shell. Beware invites, especially external ones, that appear to be Zoom invites. Most of these fake requests are trying to compromise your log on credentials but some are exploiting known vulnerabilities in Zoom itself.
We have deployed Microsoft Multi-factor Authentication!
At this time we have deployed MMFA to all of UNC faculty and staff.
Microsoft Multi-factor Authentication when accessing outlook from off campus.
Why are we adding multi-factor?
To add another layer of defense to prevent the abuse of compromised credentials.
What to expect:
When you try to access outlook while not connected to the UNC administrative network you will be prompted to authenticate with a second factor.
Depending on how you choose to set this up the multi-factor system will call or text your phone with a code, ask for a code from your authentication application, or simply prompt you with an allow or deny from the authentication application. You can set up your preferred method of multi-factor here: https://aka.ms/MFASetup
You will be able to exempt your device for up to 60 days before being prompted to use your second factor again.
Tips: Go to https://aka.ms/MFASetup and configure your account to use the Microsoft Authenticator application on your mobile device and use the “Notify me through app” option. I think this makes the process easier.
Don’t use your office number as your second authentication factor for access. If you are on the UNC admin network, you will not need to use a second authentication factor.
If you get a multi-factor prompt from the application but you are not trying to login click the Deny button and report the attempt to firstname.lastname@example.org.
Additional resources: https://docs.microsoft.com/en-us/azure/active-directory/user-help/multi-factor-authentication-end-user-manage-settings https://docs.microsoft.com/en-us/azure/active-directory/user-help/multi-factor-authentication-end-user-troubleshoot