COVID-19 Information Security 威胁

As our University and country respond to the challenges of the COVID-19 (coronavirus) outbreak, cybercriminals are also actively attempting to take advantage. 大学 Computer Services Center and Information Security Offices want to warn you of the need to be especially vigilant. The following are major areas of concern:

Where to Get 帮助 and Report Incidents

学生 and General Division employees:

helpdesk@primerideshop.com 和/或 infosec@primerideshop.com

Call (251) 460-6161 for highly urgent circumstances, such as an obvious computer infection or ransomware attack.

美国健康 employees:

Call the IT 帮助 Desk at (251) 445-9123 or email 上学.emailreview@health.primerideshop.com

Work at 首页 Security Considerations

The transition to work-at-home raises a number of Information Security issues for individuals working at home. We have compiled a number of suggestions you will find helpful in securing your home network environment for 人al and University business 目的. Click here for these suggestions.

Email “Phishing” and other 威胁

Malicious email phishing scams about the COVID-19 virus are at a heightened level. The Information Security Office is especially concerned about phishing and malware scams taking advantage of fears surrounding the Coronavirus. These phishing attempts may ask you to enter credentials or urge you to open an attachment to learn more, potentially installing malicious code on your machine.

Please take the following precautions:

Be skeptical of emails claiming to be from the Centers for Disease Control (CDC), the World Health Organization (WHO), or experts saying they have information about 病毒. Find the authoritative web sites for those entities rather than clicking on links in the email.
If you receive an unsolicited email which includes a link requiring you to enter passwords, 停止 and assess the situation. Contact the sender before acting.
Malicious actors are cloning websites with a live map for COVID-19 global cases by Johns Hopkins University. Once the site is accessed, the user is infected with malware.

The USA Information Security Office recommends the following preventive measures:

Verify the sender’s email address, but be aware that even a legitimate sender might have been compromised.
Unless you are CONFIDENT of the email’s integrity, do not click on any links, or download/open any attachments in any unsolicited emails you may receive - even if from someone you routinely correspond with.
Remember, USA will never ask for sensitive information via an unsolicited email.
Enable Two Step Verification for your USA email account. 请参阅(连结至 http://naf.primerideshop.com/services/jagnet/twofactor.html

Social Engineering

威胁

Social engineering is a type of attack that leverages human kindness and may involve im人ating a USA affiliate or asking for information on behalf of one.

These methods often create fake situations that appear to be urgent in order to retrieve sensitive information, elevated permissions, or a response that would normally require an approval or verification process to provide.
These targeted attacks are commonly observed in phishing emails that request you to perform an action such as download an attached document or click on an embedded link, but can be conducted through other methods such as phone calls, social media, or in 人.

指导

给n the current environment, it's important everyone remain vigilant and not bypass proper approval channels that would normally be required by your department.

Common sense is your best defense
Verify the source of all requests before engaging in a conversation
Don’t open any unexpected attachments or click suspicious links
Be aware of the information being requested and don't give users the 'benefit of the 怀疑的
Ignore unsolicited requests for information or actions
Be aware of suspicious individuals, if you see something, say something
If your department is responsible for providing services to the USA community and you have questions on your verification processes or policies, please consult your supervisor for additional information.