Loyola Information Security Blog

Overview When you think of a cyber criminal you probably think of an evil mastermind sitting behind a computer, launching sophisticated attacks over the internet. While some of today’s cyber criminals do use advanced technologies, many simply use the phone to trick their victims. There are two big advantages to using a phone: Unlike other […]

Below is the most recent phishing email and website we have seen. Similar to past emails, this scam attempts to trick users into entering personal account information (e.g. username/password). Users should not click any links in this email and should delete it right away. As a reminder, Loyola will never ask for your password or […]

Below is the most recent phishing email and website we have seen. Similar to past emails, this scam attempts to trick users into entering personal account information (e.g. username/password). Users should not click any links in this email and should delete it right away. As a reminder, Loyola will never ask for your password or […]

Below is the most recent phishing email and website we have seen. Similar to past emails, this scam attempts to trick users into entering personal account information (e.g. username/password). Users should not click any links in this email and should delete it right away. As a reminder, Loyola will never ask for your password or […]

In a security advisory, Microsoft has warned that malicious hackers are exploiting an unpatched vulnerability in Windows to launch targeted attacks against organizations. According to Microsoft, attacks exploiting the vulnerability have targeted companies via boobytrapped Microsoft Office documents. In short, a typical timeline of infection might go something like this: One of your users downloads […]

Over the past week or so, the UISO has noticed an increased amount of these phishing e-mails, stating that the receiver’s password is about to expire, and they need to validate his or her e-mail account.  These e-mails are coming from seemingly random senders, and not from within Loyola’s network, as you can see by their […]

Earlier this week the Internet Crime Complaint Center (IC3) and FBI sent out a report regarding a phishing scam targeting university employees. Users are receiving e-mails about a change in their human resource status and are sent to a link to website to address this change. The link sends the victims to a page that looks […]

Recently the Information Security Office has noticed many instances of a phishing scam requesting users to download a document from Drop-Box for their financial records. The e-mail contains many different sections that may seem legitimate, but you should NOT open the link or respond to the e-mail. Please note that the download link in the body […]

Over the past several weeks, the Help Desk and Information Security Office have received complaints of numerous spam e-mails claiming that “Your e-mail account was LOGIN today by Unknown IP address:”. The subject line is generally “Support” and the e-mail instructs the user to “click on the Administrator link below and LOGIN”, which then provides a bogus link […]

Be on the lookout for a new phishing campaign that is targeting email credentials.  Information Technology Services will never request your password, user ID, or any other credentials.  When in doubt, take no action and contact your IT department or Helpdesk through previously-established channels.  The fraudulent email will be similar to the following:   From: […]