Information Security and Phishing

For the fall of 2025, it is expected that approximately 19 million students will attend U.S. universities. This influx of students, faculty, and staff returning for the academic year presents increased opportunities for cybercriminals, who often exploit the busy start of the school year to launch their attacks.

Phishing Attacks Are Getting Smarter

Phishing remains one of the biggest cybersecurity threats, and attacks jumped 58% in 2024. Most of these came through email, with 65% of phishing attempts aiming to steal login credentials. Attackers are also using AI to write more convincing emails – one phishing email every 42 seconds last year.

The impact is serious: phishing was behind 45% of ransomware attacks, with average costs reaching $1.5 million per incident.

Protective Measures: To mitigate the risk of falling victim to these attacks, it is crucial to adopt robust cybersecurity practices:

  1. Be cautious of emails claiming urgency.
  2. Verify the sender’s email address.
  3. Watch for suspicious logos, signatures, or content.
  4. Check URLs before clicking; ensure they lead to official, encrypted sites.
  5. Think twice before opening attachments or clicking on links.
  6. Use different passwords for work, school, and personal accounts, and keep them secure.
  7. Regularly update devices, apps, browsers, and antivirus software.
  8. Delete sensitive information that is no longer needed.
  9. Back up your files regularly.
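
The sender, urgency, and URL checks from the list above can also be run automatically over a raw message. The following is an added example, not part of the original post; the trusted domain `example.edu`, the urgency word list, and the sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "example.edu"   # assumption: stands in for your institution's domain
URGENCY = re.compile(r"\b(urgent|immediately|within 24 hours|suspended)\b", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def is_official(host):
    """True only for the trusted domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)

def triage(raw):
    """Return warnings for one raw single-part, plain-text message."""
    msg = message_from_string(raw)
    warnings = []
    # Item 2: verify the sender's address, not the display name.
    _, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2]
    if not is_official(sender_host):
        warnings.append(f"sender domain {sender_host!r} is not {TRUSTED_DOMAIN}")
    # Item 1: urgency in the subject or body.
    body = msg.get_payload()
    if URGENCY.search(f"{msg.get('Subject', '')} {body}"):
        warnings.append("urgent wording")
    # Item 4: links must be encrypted and lead to the official site.
    for url in URL.findall(body):
        parts = urlsplit(url)
        if parts.scheme.lower() != "https":
            warnings.append(f"unencrypted link: {url}")
        if not is_official(parts.hostname):
            warnings.append(f"link leaves official site: {parts.hostname}")
    return warnings

# Constructed sample message (not a real email).
SAMPLE = """\
From: "Example University Registrar" <registrar@example-edu.test>
Subject: URGENT: registration issue
To: student@example.edu

Your account will be suspended. Confirm immediately at
http://example.edu.login-check.test/verify
"""
```

The link in the sample starts with the trusted name but its registered domain is `login-check.test`, which is why the check compares the end of the hostname rather than searching for the trusted name anywhere in the URL.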

Common Scams Targeting Students: College students should be aware of common scams, including:

  • Fake emails offering “Part-Time” work.
  • Fake emails with “important information about your account” or issues with registration.
  • Tech support scams claiming issues with your computer.
  • Fake scholarship or textbook rental scams.
  • IRS scams demanding payment for a fake “federal student tax.”
  • Tuition reimbursement or student debt cancellation scams.
  • Requests for login information, passwords, or personal data.
  • Fake friend requests and misleading messages about shared documents.

These precautions and awareness can help protect against the growing wave of phishing and other cyberattacks targeting educational institutions and their communities.

Phishing and Social Engineering 

Phishing and social engineering campaigns are still a top source of ransomware and other malware[1]. 

Phishing is a type of cybersecurity attack where malicious actors send messages pretending to be a trusted person.  Social Engineering is the psychological manipulation of people into performing actions like installing malicious software, clicking a malicious link, or divulging sensitive information.

Reduce your chances of falling victim to phishing attacks!

Beware of messages that:

  • Do not clearly identify themselves or their company
  • Come from an email address that does not match the company’s domain
  • Do not give full contact information such as the title of sender, the company’s physical address, or phone number
  • Make too-good-to-be-true offers with no strings attached
  • Ask you to pay an upfront fee or to transfer money for them
  • Ask you to give your credit card or bank account numbers
  • Ask you to send copies of personal documents

Remember: DO NOT provide any personal information, especially Social Security numbers or financial information. Legitimate companies would not ask for this information over the phone or email.

If an email looks suspicious, do not respond and do not click on any links or attachments. When available, “Report phishing” to block other suspicious emails.

[1] 2023 Verizon Data Breach Investigations Report (DBIR)

Please send any questions or concerns to Simmons Information Security Officer, Kristen Howard, or the Technology Service Desk.

Phishing and Social Engineering

Phishing and social engineering campaigns are the #1 source of ransomware and other malware[1].

Phishing is a type of cybersecurity attack where malicious actors send messages pretending to be a trusted person. Social Engineering is the psychological manipulation of people into performing actions like installing malicious software, clicking a malicious link, or divulging sensitive information.

Reduce your chances of falling victim to phishing attacks!

Beware of messages that:

  • Do not clearly identify themselves or their company
  • Come from an email address that does not match the company’s domain
  • Do not give full contact information such as the title of sender, the company’s physical address, or phone number
  • Make too-good-to-be-true offers with no strings attached
  • Ask you to pay an upfront fee or to transfer money for them
  • Ask you to give your credit card or bank account numbers
  • Ask you to send copies of personal documents

Remember: DO NOT provide any personal information, especially Social Security numbers or financial information. Legitimate companies would not ask for this information over the phone or email.

If an email looks suspicious, do not respond and do not click on any links or attachments. When available, “Report phishing” to block other suspicious emails.

[1] 2021 Verizon Data Breach Investigations Report (DBIR)

Being Aware: Spam, Phishing, and You

Though spam, phishing, and other attempts to obtain personal information via email are nothing new, we’d like to remind everyone that these types of threats are real and that Gmail is not immune to the most sophisticated attempts.

When using your Simmons email, please be aware of these threats. If you receive an email that you know is suspicious, you should report it to the Service Desk and click SPAM in the Gmail toolbar above the email.

For more information about safe computing, please read this FAQ and, for more information about phishing scams in particular, please see this FAQ on the Service Desk website. If you have questions about phishing or need guidance in a particular situation, please contact the Service Desk at 617-521-2222.