News

Letter from the CISO, Vol 3 Issue 4 Washington University Community: How likely are you to click? A few years ago, I advised a company to conduct its first email phishing simulation, otherwise known as a “phish test.” The systems administrator enthusiastically crafted a test message that used a logo from the company’s website, included […]

October is Cybersecurity Awareness Month, a global effort to help everyone stay safe and protected when using technology whenever and however you connect. The Office of Information Security is proud to champion this online safety and education initiative this October.  All month long, we are promoting these key behaviors to encourage every employee to take […]

The Office of Information Security is running a competition throughout October for Cybersecurity Awareness Month! WashU staff, faculty, and students can submit several entries to win up to $1,000 in BearBucks.   Beginning September 28th, we will release three episodes of “The Inside Man,” a soap opera-style training that covers critical cybersecurity themes. Every Friday until […]

The Office of Information Security has identified a trend in which criminals send members of our community a Google Document containing a malicious link, in hopes that a victim may give up their credentials. In this more elaborate scam, hackers posed as Adis Avila, who is not an individual who works at our university, sending […]

Steve Bochte, Information Security Architect, brings a wealth of experience and enthusiasm to the InfoSec team. Steve remembers being interested in IT and security as a grade-schooler, and these fields still appeal to his love for fixing things and improving processes today. After taking the CISSP exam in 2007, he started exploring the world of […]

Letter from the CISO, Vol 3 Issue 3 Washington University Community: Welcome (back) to school! A friend recently shared that her son was assigned a roommate with whom he seems to have nothing in common. They’ve recognized and embraced their differences and are enjoying better, richer experiences because of it. This made me think that […]

The OIS is always looking for ways to improve your security and reward your participation in our efforts. This month, we want to point you toward a few resources to help you protect yourself from cybercrime and understand how our office can support you. Guidance for Reporting Phishing Have you seen the Phish Alert Button? […]

Welcome back! We know you will be busy as the semester begins, so we have pulled together resources to help you with a variety of common security needs. See below for our roundup of guidance to help you get in the swing of the semester!  Devices Device security is essential for protecting your privacy and […]

The Office of Information Security observes a trend in which criminals send a fraudulent order confirmation claiming the recipient will be charged almost $500. The criminals hope victims will call a phone number to refute the “purchase” and disclose their banking information.  If you see a message like the one below, please do not interact […]

Shane Powell, Information Security Architect, is one of the newest members of the InfoSec team here at WashU. Originally, Shane is from Texas, but after many years of visiting St. Louis with his wife, they decided to move here in 2016. In his day-to-day work here, Shane “communicates with various groups throughout the university and […]

Letter from the CISO, Vol 3 Issue 2  Washington University Community:  Is our best good enough?  In the battle against malicious cyber actors, we are constantly challenged by more clever and sophisticated attacks.  For example, for several years after we implemented DUO 2-Factor Authentication (2FA), the number of successful account-compromise attacks dropped to almost zero. […]

The OIS is always looking for ways to improve your security and reward your participation in our efforts. This month, we want to point you toward a few resources to help you protect yourself from cybercrime and understand how our office can support you. Guidance for Reporting Phishing Have you seen the Phish Alert Button? […]

The Office of Information Security observes a trend in which criminals use a compromised email account to trick victims into divulging their WUSTL Key password. In this scam, criminals took over a legitimate email address from UT Health San Antonio and used it to send phishing emails. Victims who click on the phishing link are […]

Our Governance, Risk, and Compliance (GRC) team is fortunate to have three GRC Analyst Trainees this summer who are assisting with various InfoSec efforts. We are excited to have them on our team and would like to introduce you to each of them.   Lindsey Wichman  Lindsey Wichman is currently majoring in Computer Science with a […]

Our office is continually searching for the best ways we can serve you and help you secure your work and WashU’s resources. We regularly update our information security website (https://informationsecurity.wustl.edu) with the latest information and resources to help you navigate the increasingly complicated digital landscape.   In addition to the great original content we post on […]