Information Security
Security Training
Security Training – Learn how to be safer and more secure when using technology. Take the University’s annual online Security Awareness Training course.
Security News
Security News – Beware Coronavirus (COVID-19) Cyber Scams
How can we help you?
- Report a possible phishing attempt
- I need to complete Security Awareness Training
- I need to reset or recertify my CNetID or password.
- I want to know how to use two-factor authentication.
- I need an SSL, code signing, or some other kind of security certificate.
- Report a possible compromise or other security incident
- I have a question about security for my application or have my application reviewed.
- My account was locked for spamming or due to some other security issue.
- I need access to phone records, emails, or other data for an investigation or personnel matter.
- I’m traveling and received an email asking that I contact the security team.
- My computer or phone was blocked from the network due to a virus detection.
- I want to send the security team a report about a security vulnerability or some other issue I discovered.
- A website I tried to visit is blocked and erroneously listed as suspicious. What do I do?
IT Policies
Refer to the University’s official IT policies regarding data security and use of copyrighted material.
Training and User Guides
Complete security training and get user guides for helpful security tips and advice.
Phishing Alerts
Listed below are the latest phishing scams that have been acted upon by Information Security. Think you’ve received a phishing email? Don’t click it, report it.
Email Scam (Jul 06, 2020): “Top Urgent Delivery Notification: 5 messages to walshl@uchicago.edu delayed for 48 hours”
From: noreply@519.simonleehung.casa Date: 2020-07-06 00:11:24 [UTC-05:00] Subject: Top Urgent Delivery Notification: 5 messages to cnetid@uchicago.edu delayed for 48 hours Message generated from uchicago.edu source. You have some pending messages Your emails on...
Email Scam (Jul 09, 2020): “FLOOD BRAIN M. Left you a pending voice memo”
Sender: bflood@uic.edu Date: 2020-07-03 09:11:53 [UTC-05:00] Subject: FLOOD BRAIN M. Left you a pending voice memo Duration : 00:24 Sec. Time : 09:55(PDT) Click Here to Listen<hxxps://taximpro[.]net/ozyasar/memo[.]html>
Email Scam (June 24, 2020): “Please respond – overdue payment from DYNA COMP INC.”
From: "Christine Rasmussen" <Christine@dynacompinc.com> Subject: Please respond – overdue payment from DYNA COMP INC. Date: Wed, 24 Jun 2020 <hxxps://1drv.ms/u/s!Aj_g7U9BoNNDdOzhKmyMH1NgkPs?e=xugkIB> Hello, We’d like to bring your attention to the attached...
Security News
Check here for the latest security alerts that may affect you.
Beware Coronavirus (COVID-19) Cyber Scams
We would like to warn everyone to remain vigilant for scams related to coronavirus 2019 (COVID-19). Cyber criminals may send phishing emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to...
Uptick in Symantec Alerts: Port Scan Blocked
A day in security's life: "Pardon me, sir, but the wireless is knocking!" Recently, a number of individuals have reported “portscan” detections from their University-provided Symantec antivirus programs. This largely seemed to come from individuals on the wireless...
Urgent? Are you available? Assistance needed immediately.
Have you received an email with this as a subject? Seemingly from your manager or department chair. Information Security wants to make you aware of an active, persistent scam that is targeting the University as well as many other institutions. These types of email...
Add a University Account Recovery Email and Phone Number
If you’re unable to log in with your CNetID and password to access University services, you can call IT Services for support during business hours. But what happens if you get locked out late at night and can’t reach ITS? Fortunately, you can set up a University...
Statement on Data Vulnerability
An independent security researcher recently notified the University of Chicago Medical Center that a security vulnerability affected a database with information about a cross-section of individuals with connections to the University of Chicago, including some donors...
CRITICAL Security Advisory: Remote Desktop Services Remote Code Execution Vulnerability
In response to a new security vulnerability impacting users of Microsoft Windows, the University is taking actions to ensure that our campus network is protected. Starting Tuesday, May 21, the University will begin requiring all use of Remote Desktop (RDP) from...
Threatening Hoax Email
Written by Craig Drake, Information Security Engineer (ITS) IT Security has detected a new email scam that began affecting the University of Chicago community yesterday, December 13. The scam has been widely reported at other higher education institutions. The email...
Phone Calls You Can Ignore – It’s a scam!
Written by Kendall R Williams, Information Security Engineer (ITS) Have you ever received a threatening phone call from the IRS, Social Security Administration, or perhaps from the Chinese Consulate? Phone scams are on the rise, especially during this time of year...
This Email Scam has a Real Password
Written by Kendall R Williams, Information Security Engineer (ITS) You may want to react to this new email scam, but don’t. From: Bad Guy <badguy@outlook.com<mailto:badguy@outlook.com>> Subject: <username> - SEuJ5Kyb Lets get right to the purpose....
Vulnerability Alert: Meltdown and Spectre
What is Meltdown and Spectre? You may have heard about Meltdown and Spectre in the news these past few days. There is a lot of confusing information out there since these vulnerabilities were revealed to the public much earlier than anticipated - so we're going to...