Information Security

In a world that’s built on technology, nothing is more important than security. Your small actions make a big difference for your security, both at home and at Johnson & Wales.

 


Alerts

~ October is National Cybersecurity Awareness Month ~

 

Theme of the Week  – Fight the Phish

Phishing attacks account for more than 80% of reported security incidents. This statistic highlights the importance of being careful around emails and texts from unexpected people. Furthermore, more than 90% of phishing attacks are carried out via email, a known method of phishing attacks. A common identifying factor in these emails is the urgency of the subject line combined with grammatical errors. Phishing attack methods ranges from smishing (SMS / text messages) to vishing (voice) and phishing based on social media platforms. Phishing is not only a social engineering method to obtain confidential information, but also a method to deliver malicious software to your device. Read more about it here. Information security is everyone's responsibility.

Useful Resources

Stay tuned for more updates throughout the month and learn how to #BeCyberSmart. Want to check past themes? Visit here 

Follow us on twitter @JWUITSecurity

 


Cybersecurity Alert-Ransomware Phishing Attacks

Dear Johnson & Wales University Faculty, Staff and Students,

The Office of Information Security Services (ISS) has seen a surge in ransomware attacks targeting colleges and universities resulting in network outages, theft of sensitive information and blocking access to essential data systems through encryption. Cybercriminals then demand payment in exchange for returning access to the targeted institution. Email phishing attacks are one of the most common and most successful attack vector cybercriminals are utilizing.

These sophisticated email phishing attacks are tailored to the target environment by leveraging current events and impersonating well known university individuals. These emails will appear to be from legitimate university and external sources and attempt to trick you into responding to the email message and submitting your login credentials (i.e. username and password) on webpages which appear to be legitimate.

The university has made significant and ongoing investments in information security technologies. Unfortunately, technology can address only a fraction of the information security risks the university faces. Therefore, JWU needs you to do your part to help protect against this ongoing threat. Here are a few tips to follow:

  • External Email Warning banner - while most messages from outside of the university network will contain the “External Email Warning” header, always carefully check the sender email address even if the email looks legitimate. The lack of a warning header should not be viewed as an automatic validation of the legitimacy of a received email. No technical control such as the “External Email Warning” is beyond compromise or bypass by Cybercriminals.
  • Use Caution - when opening any attachments in an email. Any email claiming to be from JWU will have the @jwu.edu domain name.
  • Report an Incident - if you receive an email that appears to be suspicious or is from a sender that you are unfamiliar with and directs you to open an attachment, report it by forwarding to phishing@jwu.edu and delete it from your inbox.
  • Create a ticket with IT by calling 1-866-598-4357 or 401-JWU-HELP (401-598-4357), or going to our report page. After submitting the email for review, do not click on any links in the email or open any attachments.
  • Reset Password - if you have submitted your network credentials to a suspicious website, immediately reset your password via SSPR or have it reset by IT.

Sincerely,

Nicholas M. Tella, MPA, CISM, CRISC
Director of Information Security

 


 

Information

The Office of Information Security Services (ISS) aims to facilitate and further the Mission and Guiding Principles of the University while maximizing the confidentiality, integrity, and availability of the JWU’s distributed information technology assets, systems, networks, and data.

Be aware... Click it with care

Care to be aware!

Report an Incident

Don’t be Quick to Click…beware of the emails that intend to steal your valuable information

Looking for resources to help
you understand security better? We've got you covered.

Feel there’s something odd in the email or your account? Please report the incident and our team of experts will take a look at it for you.

Learn More

Resources

Report