News

WashU Community: WashU IT’s theme for January is “A New Year brings new beginnings” and the cyber security community is looking ahead to the season where cyber criminals use tax returns as the hook for their messaging and con games. As always, cyber criminals use current events and seasons to target you, hoping to catch […]

Artificial intelligence art generators – like those built into ChatGPT and Gemini – are trained on billions of existing images. Meanwhile, deepfakes are trained on photos, audio, and video of one specific subject to replicate their likeness. Deepfake technology can depict a person saying or doing something that they never did. Both technologies can be used maliciously, and it’s happening to WashU employees and their family members. Voice Cloning is Cheap […]

The Office of Information Security (OIS) is always looking for ways to improve your security and reward your participation in helping to secure WashU. We’ve changed the way the competition works to provide you with a bigger prize! Instead of $100 monthly drawings, we will draw one $400 winner after 4 months. Participants can gain a total of 4 entries in this challenge.  How to Gain the Most Entries The InfoSec team will release a […]

The Office of Information Security has observed an uptick in fake job offer scams directed at students. Impersonation is one of the most effective social engineering tactics scammers use, and it can be particularly enticing if offering a lot of easy money.  If you see a message like the one below, please do not interact with the sender and do […]

WashU’s Division of General Medicine & Geriatrics received a fax and voicemails from someone claiming to be from CVS Caremark. David from “CVS” wanted office visit notes on a specific patient. He alleged that the patient wanted their prescriptions transferred to CVS and needed office notes for the transition.  The WashU employee called the number listed on the fax and an agent immediately requested the patient’s […]

Why Secure Disposal Matters Secure disposal of WashU hard drives is much more than throwing away old equipment. Some devices being reused, transferred, donated, or converted to personal use may still contain recoverable data, such as Protected Health Information (PHI), that the next user may not be authorized to access. This is why it is important to follow WashU IT’s secure disposal process anytime you handle disposal of a workstation.  Deleting Isn’t Enough Did you know […]

WashU Community:  Cybercrime is on track to cost the world over $10.25 trillion in 2025. That’s bigger than the illegal drug trade. If cybercrime was a country, it would be the third largest economy in the world, behind only the US and China. Amazing.  Unfortunately, many of the victims are fooled into thinking they are customers or investors. And since any of us, our friends, or our family members could […]

The big four scams of the holiday season are: According to the Internet Crime Complaint Center’s (IC3) 2024 report, non-payment and non-delivery scams cost people over $785 million that year. Credit card fraud accounted for another $199 million in losses.  Click with caution  Don’t click on any suspicious links or attachments in emails, on websites, or on social media. Not sure if the email in your WashU inbox is legitimate? Simply report the […]

Policies can be long and hard to read, but it is everyone’s responsibility to know and follow them. The Office of Information Security (OIS) has created policy quick reference guides to make it easier to learn about the tools and guidance you need to protect your data, adhere to university and regulatory requirements, and stay secure online. About OIS’ […]

The Office of Information Security caught a spear phishing campaign that often targets researchers who have signed up as speakers or presenters for a conference. Instead of targeting as many people as possible, like regular phishing campaigns, this scam focuses on a specific target or demographic. If you see an email registration form like the one below, […]

Alesya Bernatskaya officially joined the Office of Information Security (OIS) in September, but her impact on WashU’s cyber landscape goes way back. In her role as IT Program Director, Alesya leads the CyBear Project Management Office (PMO) within OIS. She has a group of project managers under her, and a business analysis team that reports through Alyssa Todd. Together with WashU IT and Distributed IT, they support the delivery of CyBear projects that fortify the university’s cyber defenses. With the program now housed under […]

The Office of Information Security held a competition for Cybersecurity Awareness Month that closed on November 21, 2025. WashU staff, faculty, and students were eligible to submit several entries to win up to $1,000 in Bear Bucks. Thank you to all who participated! Our winners have been selected and notified. The winners are from the following departments: Congratulations to the winners and […]

Running an old version of Windows might seem harmless—after all, “it still works.” But when Microsoft ends support for an operating system, that means no more security updates, no patches for new vulnerabilities, and no help when things go wrong. Hackers know this, and they actively target outdated systems because they’re easy to attack.  In a university environment, especially one that has access to […]

To receive mandatory security updates and check in with inventory systems, all WashU computers must be powered on at least once a month and connected to the system’s network at a campus location or through VPN.  Non-compliance means a device will not receive mandatory, critical security updates. This affects performance, security compliance and could result […]

Provide consent to receive only electronic delivery of your tax documents by December 31, 2025. This will allow you to receive your W-2 form online as soon as it is available in Workday. You will be notified by email in January when your electronic W-2 form is available. Manage printing elections of your tax forms […]