News

The OIS is always looking for ways to improve your security and reward your participation in our efforts. This month, we’d like to test your knowledge in a fun ‘Phish or Treat’ game.   Phishing    When navigating your email, always be on the lookout for red flags that may indicate that it is a phishing email. […]

The Office of Information Security has observed a trend in which criminals advertise a job while impersonating a Professor of Computer Science and Engineering. Impersonation is one of the most effective social engineering tactics used by scammers, and it can be particularly enticing if offered employment.  If you see a message like the one below, […]

Spring Break is right around the corner, and many in the WashU community will be traveling for conferences, studying away, researching elsewhere, visiting family, or just going somewhere relaxing. No matter where you go, your smartphone will undoubtedly be at your side. These handy devices have become our constant companions for just about anything you […]

Letter from the CISO, Vol 3 Issue 8 Washington University Community: New Year – New Password Discipline “Password Discipline” certainly sounds like the kind of New Year’s resolution that will be abandoned within 24 hours. But it truly needs to be on everyone’s list. Good password management is critical for protecting yourself, your family, and […]

The OIS is always looking for ways to improve your security and reward your participation in our efforts. This month, we’d like to cover a phishing tactic that uses your phone as a medium for scammers. This scam is called ‘Vishing.’   Vishing   Cybercriminals are continuously looking for new and unexpected ways to contact you. While […]

Tax season officially begins on January 29, and internet scammers will capitalize on the moment. The Internal Revenue Service initiates most contact through regular mail delivered by the United States Postal Service. Sometimes, they will call or visit, but other than that, “The IRS doesn’t initiate contact with taxpayers by email, text messages or social […]

The Office of Information Security has identified a trend in which criminals send members of our community false COVID-19 contact tracing emails with a malicious link. They hope a victim will click the link and give their WashU credentials. In this scam, hackers use a compromised email address from Brown University to send phishing emails. […]

The DUO Two-Factor Authentication upgrade was deployed on November 20, 2023, to enhance and secure WashU systems and applications access. A smartphone or tablet with the Duo Mobile app installed is required to use this new and preferred verified push method of multi-factor authentication. There are circumstances where you might not be able to download […]

Digital Guardian, the data loss prevention software, has been updated to detect and alert when sensitive information, such as Protected Health Information (PHI) or Personally Identifiable Information (PII), is shared to public websites, including Artificial Intelligence sites such as ChatGPT.  We are tuning Digital Guardian to reduce the number of false alerts and enhance our […]

To simplify the critical messages you receive about information security at the university, the Office of Information Security is retiring the Secure WUSM Infosec bulletin. Instead, the content will now be published in this newsletter. That means there will be fewer university-wide emails! Additionally, we are folding Secure WUSM itself into the organization-wide CyBear Secure […]

Letter from the CISO, Vol 3 Issue 7 Washington University Community: Holidays and the joys of giving and receiving (safely)! As we are in the middle of the holiday season, it’s easy to get caught up in the joyous atmosphere and excitement of finding the perfect gift or the muted pain of receiving an ugly […]

The OIS is always looking for ways to improve your security and reward your participation in our efforts. This month, we want to point you toward a few resources to help you protect yourself from cybercrime and understand how our office can support you during this holiday season. Be sure to read our article on […]

With Black Friday and Cyber Monday behind us, it can be tempting to impulse buy any remaining discounted items. Before getting caught up in a “while supplies last” frenzy, remember that scammers capitalize on hasty decisions involving payment information. According to the Internet Crime Complaint Center’s (IC3) 2022 report, non-payment and non-delivery scams cost people more […]

If You Sent Money to a Scammer  Scammers often insist that you pay in ways that make it tough to get your money back. They prefer you wire money through a company like Western Union or MoneyGram, send cryptocurrency, use a payment app, or buy a gift card and give them the redemption code. Regardless of how you lost money to a scam, […]

Nick Fredrick, GRC Security Analyst I, is one of the newest additions to the Office of Information Security. After earning his bachelor’s degree in computer information systems from St. Louis University, Nick interned for our Governance Risk and Compliance (GRC) team, where he was eventually hired as a full-time analyst. Throughout his time at WashU, […]