We love our smart devices – thermostats that learn our habits, refrigerators that order groceries – but with all that convenience comes a little responsibility: security. Here’s the thing: smart tech relies on data, and that data needs protection.
Imagine your smart devices are like chatty friends, constantly exchanging information to get things done. While that’s how they work, it also means there’s a chance for someone to eavesdrop and steal your data. Read more for some tips on keeping smart devices secure.

Social engineering attacks, most commonly known as phishing, are delivered in many different ways. Phishing = emails. Smishing = text messaging. Vishing = voice scams or phone calls. No matter the delivery, there are common clues you can spot. Read more for these clues so you are better prepared to handle these attacks.

Even before news broke that the DOJ was suing Live Nation, the parent company of TicketMaster, cautions were announced about purchasing tickets for live events this summer. Scammers have used bogus ticketing sites to lure people with “too good to be true” scams, offering tickets to popular events at discounted prices. Read more for information about these scams

DUO Fatigue, or MFA (multi-factor authentication) fatigue occurs when you’ve gotten so used to hitting “Accept” when a push comes through, you do it automatically even if you don’t initiate the push. It also occurs when you are bombarded with push notifications and you just want it to stop, so you finally accept it. Both scenarios are usually bad actors who already have your compromised credentials and need to get through that final layer of protection to get to your information. Our campus and other UT campuses have seen a rise in these attacks, so BE CAUTIOUS in accepting DUO pushes. Read more about the scenario happening in our environment that is costing our people money.

Cybercriminals often use text messages to try and trick you into clicking on malicious links, a method known as “Smishing.” Recent reported scams include sending a fake text message that says a package is unable to be delivered to you. Read more about this and what signs to look for in identifying these types of scams.

With the advent of generative natural language models like ChatGPT, also known as artificial intelligence or AI, scammers can create increasingly convincing phishing emails. AI-generated messages can be produced more quickly and with far fewer grammar and spelling mistakes. To make matters worse, phishers can use personal information to send spear-phishing emails – phishing attempts targeted at a particular individual – that are much harder to distinguish from non-phishing emails. The silver lining is that AI only improves the effectiveness of the main body of the email; scammers will still have to resort to the usual tactics of sending from suspicious email addresses, scaring recipients with an urgent tone, and including malicious links. As always, double-check the addresses of urgent messages and avoid clicking links unless you are certain the sender is safe. Forward any suspicious communications to abuse@uthsc.edu for examination. 

We all get emails that fill our inboxes with information you don’t want or need. The most direct and effective way to handle unwanted emails is to block the sender. Blocking the sender allows you to put these email addresses on a block list, so future emails will be placed in the “Junk Email” folder. Any suspicious email should always be forwarded to abuse@uthsc.edu for examination. Read more about how to block senders in Outlook and where to find information on blocking in other platforms like Gmail or Yahoo.

Spending time each month or quarter to ensure your computer is working to the best of its ability reduces risk and mitigates damage from cyberattacks and crashes. Read more for some tasks you should perform during your Spring Cleaning!