On Monday, January 23, Apple released the iOS 10.2.1 update which fixes flaws that previously allowed iOS devices to be compromised. If you have any iOS devices (iPad, iPhone, iPod, etc.) it is highly recommended to run the update as soon as possible. More detailed information from Apple can be found here: support.apple.com/en-us/HT207482.
A new type of phishing scam is targeting online shoppers, reminding us to be aware of how we interact with websites and that phishing attacks can come from many sources, not just email!
The Enterprise Security team's mission is to improve the security awareness and profile of the university. We wanted to make you aware of this scam that could cause you loss as a consumer.
The Internet Crime Complaint Center (IC3) has issued an alert on employment scams targeting college students. Phony job opportunities are advertised via college employment websites or sent to students’ university email addresses. Unfortunately, students who have taken the bait have suffered financial losses. For more information and tips on avoiding these scams please review the IC3 Alert.
Adobe has released security updates to address vulnerabilities in Adobe Acrobat, Reader, and Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
The Enterprise Security team's mission is to improve the security awareness and profile of the university. This includes making you aware of important cybersecurity new items. A Joint Analysis Report has been released by US-CERT providing details on malicious activities undertaken by Russian Civilian and Military Intelligence Services (RIS).
This week we’ve seen a surge of phishing attacks against the university. Most recently we spotted a malicious website posing as a login page for BuckeyeMail and wanted to bring it to your attention. Please avoid clicking on links in emails when possible and always verify you’re at the site you meant to be at before entering user name and password. If you receive an email phish please report it to email@example.com. By informing us, we can more easily target and block other emails and sites from the same source.
Have you ever received a suspicious email from someone claiming they work for the IRS? Or an out-of-place phone call that asks you to respond to the IRS immediately? What about an unexpected text with an attached tax form? You’re not alone!
We want to alert Ohio State students to a fraudulent scheme involving a third party offering to pay your Ohio State tuition charges in order to save you money. This information has also been shared with students by Ohio State Enrollment Services.
In this scam, a person asks for your Ohio State username and password to pay your tuition charges by credit card. Once you receive a confirmation of the credit card payment, you are instructed to send the person a wire transfer payment or a check for that amount less 5 percent.
Despite receiving a confirmation of the credit card payment, the payment is fraudulent and will eventually be rejected by the credit card company, leaving you with a balance still due to Ohio State.
Rockhurst University in Kansas City was targeted with a phishing scam that resulted in the theft of W-2 information from nearly 1,200 university employees. Ohio State was targeted by a similar scheme, but the administrator involved recognized that the email was a phishing message and promptly reported it to firstname.lastname@example.org
The university community has been reporting more instances of phishing email attempts than usual to Ohio State Enterprise Security.
Cybercriminals have begun to use familiar names of senior leaders at Ohio State, such as President Drake, in an effort to gain your trust. These bogus phishing emails are examples of spoofing.