Information Security
Security News
Security News – Beware Coronavirus (COVID-19) Cyber Scams
How can we help you?
- Report a possible phishing attempt
- I need to complete Security Awareness Training
- I need to reset or recertify my CNetID or password.
- I want to know how to use two-factor authentication.
- I need an SSL, code signing, or some other kind of security certificate.
- Report a possible compromise or other security incident
- I have a question about security for my application or have my application reviewed.
- My account was locked for spamming or due to some other security issue.
- I need access to phone records, emails, or other data for an investigation or personnel matter.
- I’m traveling and received an email asking that I contact the security team.
- My computer or phone was blocked from the network due to a virus detection.
- I want to send the security team a report about a security vulnerability or some other issue I discovered.
- A website I tried to visit is blocked and erroneously listed as suspicious. What do I do?
IT Policies
Refer to the University’s official IT policies regarding data security and use of copyrighted material.
Training and User Guides
Complete security training and get user guides for helpful security tips and advice.
Phishing Alerts
Listed below are the latest phishing scams that have been acted upon by Information Security. Think you’ve received a phishing email? Don’t click it, report it.
SMSishing Scam (Nov 16, 2023): (BFI) Targeted Phishing Attack
Email Scam (Aug 29, 2023): “EMPLOYMENT OFFER”
From: Solera Holdington Subject: EMPLOYMENT OFFER Date: 08-29-2023 Good Day Staff & Students. The University of Chicago Employment Offer This message is from the Campus Job Placement & Student Services. In Accordance with the work and study regulations of...
Email Scam (Aug 14, 2023): Paul Alivisatos shared a document with you as a user
From Andrea Jones <adjones @ liverpool[.]k12[.]ny[.]us> Subject Paul Alivisatos shared a document with you as a user Date/Time 2023/08/13 or 2023/08/14 - time variable
Security News
Check here for the latest security alerts that may affect you.
Secure Your Devices: Stay Updated
Protecting your work devices is essential whether you are working on campus or remotely. One of the easiest ways to keep your device and information secure is to keep your software and apps updated and to use a safe network. Avoiding these steps can present an open...
Securing Your Digital Life with Multi- Factor Authentication
In today’s digital landscape, securing your online accounts is vital. Multi-factor authentication (MFA) serves as a security defense to protect yourself against cybercriminals. MFA requires anyone logging into an account to navigate a multi-step process to prove their...
Here’s Why You Shouldn’t Feel Intimidated About Exploring a Career in Cybersecurity
Are you intrigued by the idea of pursuing a career in cybersecurity but find the IT landscape overwhelming? If so, you're not alone! Many people in the IT or cybersecurity field didn't start with a degree in those areas or follow a traditional path. (Lance Spitzner is...
Don’t Wait to Update
One of the easiest ways to keep your information secure is to keep your software and apps updated. Update often. Always keep your software updated when updates becomes available and don’t delay. These updates fix general software problems and provide new security...
Ditch the Post-It Notes and Use a Password Manager
Most of us manage 100 or more passwords for our online accounts and it can be tough to remember so many unique passwords. If you’re like most people, you’re probably using the same password for most of your accounts—and that’s not safe. Once that single password is...
Video: Report Phish With One Click
The Report a Phish button easily allows you to report email you believe is phishing to Information Security directly from your O365 or...
How to Locate the Report Phish Button
IT Services has implemented an easier way to report suspicious emails from your University Outlook or Gmail inbox. This feature, called Report Phish, allows you to report phishing or other suspicious emails with the click of a button. The Report Phish button will...
Learn How to Refuse the Phishing Bait
Phishing – when a cybercriminal poses as a legitimate party in hopes of getting someone to engage with malicious content or links – remains one of the most popular tactics among cybercriminals today. In fact, 80% of cybersecurity incidents and 90% of data breaches...
Text Message Scam ( August 9, 2022 ): SMS Impersonation of University VIPs
Date: August 9, 2022From: +(213)205-5089 The following is part of an example of what a UChicago user saw and responded to the initial scammer message. We have currently observed some scam campaigns through phone text (i.e. smishing) where the attacker tries to...
Cybersecurity Career Awareness Week
Cybersecurity is a dynamic and rapidly growing field, with new threats and challenges emerging each day. And with that, there is a huge push being undertaken by both business and education sectors to attract individuals toward a degree and career in cyber. Whether...