Loyola Information Security Blog

Beware of a new phishing scam circulating campus.  The email will be similar to the following, and contains a Google Drive link to a malicious executable. From: “info@slicedcreative.co.uk” <info@slicedcreative.co.uk> Date: October 2, 2015 at 12:32:31 PM CDT To: <UVID@luc.edu> Subject: Swift payment copy. Reply-To: <gjdariye@excite.com> If the phishing attachment was opened or clicked, please call […]

October is National Cyber Security Awareness Month (NCSAM), conducted every October since 2004, this national public awareness campaign is intended to encourage everyone to protect their computers and our nation’s critical cyber infrastructure. Cyber security requires vigilance 365 days per year. However, the Department of Homeland Security (DHS), the National Cyber Security Alliance (NCSA), and […]

Beware of a new phishing scam circulating campus. The email will be similar to the following, and contains a OneDrive link to a malicious executable. From: “MICROSOFT SECURITY” <g.contento@masteronline.biz> To: <UVID@luc.edu> Subject: SUSPICIOUS ACCOUNT ACTIVITY!!! Reply-To: <g.contento@masteronline.biz> If the phishing attachment was opened or clicked, please call the ITS Help Desk for assistance at (773) […]

Several Loyola staff and faculty have received an email that appears to be from a Loyola ITS department requesting that they verify the “security of their account.” Clicking their “Loyola Security” link will bring you to a non-Loyola webpage. From what we understand the page’s intent is to only harvest information, namely the UVID and password. […]

A new virus has been spreading throughout the ranks of the internet through various means: malicious emails, infected webpages, and infected file downloads. The damage can be quite extensive as you can lose access to every file on your hard drive unless you pay up to about $300 for the encryption key.

Only shop at reputable websites and with sites that start with https://: Shop at sites that you know, do not start with a search engine. Also watch out for misspellings of a well known website, known as typosquatting. These misspelled websites could be connected to a botnet for the purpose of stealing your bank account […]

As the holiday season approaches, it is important to be aware of seasonal scams and cyber campaigns.

It’s not often that the US government weighs in on the browser wars, but a new Internet Explorer vulnerability that affects all major versions of the browser from the past decade has forced it to raise an alarm: Stop using IE. This zero-day exploit is an unpatched flaw in the browser that allows attackers to run […]

eBay has become aware of a security breach that compromised a database that included encrypted passwords. eBay officials note that no financial data was implicated. In addition to passwords, the database contained basic information like name, email, phone number, address, and date of birth, but eBay officials stressed that no confidential or personal information was […]

It has been reported that P.F. Chang’s China Bistro is investigating a possible data breach involving credit card data reportedly stolen from locations nationwide. On June 9, thousands of stolen credit cards went up for sale at an underground store known for selling credit cards associated with the Target breach earlier this year. Banks have […]