Keeping Information Security Simple – Phishing, Spear Phishing & Whaling

Letter from the CISO, Vol 1 Issue 12 Washington University Community: Do you know the differences between phishing, spear-phishing, and whaling? Let’s start with the difference between phishing and spear phishing. In short, phishing messages are those all-too-familiar messages that try to get you to give away information or install malware. They arrive via email, […]

InfoSec Allies: Office of Resource Management

Many hands touching a speech bubble.

The Office of Resource Management (ORM) plays an essential part in our day-to-day lives and operations at WashU. The office, home to more than 20 staff members, encompasses the departments of Purchasing Services, Furniture and Design, and Supplier Diversity and Mail Services. People from every department and role in the university community interact with the […]

Chance to Win $250 with OIS Website Scavenger Hunt

Trophy with five stars

The Office of Information Security’s website is full of helpful resources and information for keeping you more secure online. To encourage you to become more familiar with what our website has to offer, the OIS office is holding a virtual scavenger hunt featuring a chance to win $250 in Bear Bucks! How to Participate Follow […]

The Dark Side of Cryptocurrency

The unfamiliarity and confusion surrounding cryptocurrency make it easier for cybercriminals to prey on their victims. Before explaining how a cybercriminal can exploit people for cryptocurrency, it helps to have a basic understanding of the technology. Bitcoin is one form of cryptocurrency in the same way that the Euro is one form of government-issued currency. […]

Scam of the Month: Authenticate Your Account

This month’s scam is a recent and widespread phishing attack that attempted to use social engineering and impersonation to gain account access. This one is particularly tricky, but it uses a very common set of steps that criminals deploy to steal account credentials. The user receives the suspicious email, in this case from an ‘@wustl’ […]

Meet Your InfoSec Team: David Puzder, Information Security Analyst

David Puzder is our newest information security team member. David hails from Ohio and is a recent graduate of the University of Dayton. He splits his time as an Information Security Analyst between Governance, Risk, and Compliance (GRC) and Information Security Awareness, Behavior, and Culture. With the GRC, he will identify internal and third-party risks […]

Catch a Phish to Protect Yourself and WashU

Phishing is the most common tactic cybercriminals use to steal login credentials, data, and intellectual property. Billions of these messages are sent every day, but it’s now easier than ever to protect yourself and WashU by helping the Office of Information Security (OIS) catch the phish and remove it from our system. The Phish Alert […]