Rice University logo
 
Top blue bar image OIT News
Office of Information Technology
 
«
»

Phishing and Data Security

Before you respond to an email warning you about your account activity, status, or deletion, check two things:

  1. sender’s email address
  2. the URL, before you click it
Your departure from Rice is the only reason your Rice.edu account will be deactivated or deleted. When a student graduates or an employee leaves Rice, their NetID accounts are deactivated for security reasons. That is the only time NetID accounts are deactivated or deleted. Every other message about your account is phishing.

 

phishing: /ˈfiSHiNG/ noun, email asking you to verify your account

 

Phishing remains a big problem when it comes to protecting university data and individual identities. Educational institutions are targeted more frequently* than government organizations when it comes to cybersecurity attacks.  In a recent EDUCAUSE Live! Webinar, the Department of Homeland Security noted a trend in Intellectual Property Theft against US Academia.  In 2013, “unknown cyber actors targeted universities in US, the UK and Israel” and the attacks resulted in data losses of medical research, passwords and personally identifiable information.  In February 2014, additional data breaches targeted US universities in the Northeast.

In another case study of a higher education data breach, university employees received spear-phishing emails which led to cyber criminals stealing $48,500 by changing the destination of the employees’ direct deposit information.   The Department of Homeland Security suspects information stolen during the the Northeast data breaches in February 2014 will also be used for future spear phishing or social engineering attacks as well as identity theft.

Phishing is real.  The threat  to intellectual property and other sensitive university data is real.  Please take precautions to lower the threat posed by these attacks by deleting unsolicited messages regarding your accounts and by using your NetID password ONLY in Rice-managed accounts.

If you fall for a phishing scam, contact the IT Help Desk immediately to reset your password:  713.348.HELP (4357) or helpdesk@rice.edu. To learn more information about phishing, browse through the email module of the Information Security web site: http://infosecurity.rice.edu/.

*ECAR study, May 2014 – http://net.educause.edu/ir/library/pdf/ECP1402.pdf

This entry was posted on Friday, August 1st, 2014 at 12:19 pm and is filed under Security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

One Response to “Phishing and Data Security”

  1. University Culture and Data Security « IT News says:
    August 5, 2014 at 12:53 pm

    […]   IT News Technology Updates, Trends, and Innovations   « Phishing and Data Security […]