Information Security

In a world that’s built on technology, nothing is more important than security. Your small actions make a big difference for your security, both at home and at Johnson & Wales.

 


 

BEWARE OF THE IRS SCAMS THIS TAX SEASON!!!

Filing taxes can be complicated, and scammers know that stressed out people are more likely to fall for phishing scams, so with tax season upon us, it is important to stay up-to-date on all the different methods someone might use to try and steal from you, as-well as simple things to look out for to identify a possible scam. One common tactic used is where a scammer will make aggressive calls posing as an IRS agent in hopes of intimidating you into sending money, and revealing personal information. Keep in mind if you ever receive a call like this that the IRS will never call you unexpectedly, so any such calls should raise an immediate red flag. Another method that scammers might use is promising to settle your debt with the IRS for “pennies-on-the-dollar”. While they promise to settle your debt, they will try to force you to pay thousands of dollars for their fake service. Keep in mind that the IRS has their own settlement program, but again, they will not call you unexpectedly. On top of the repeated and over-used scam calls, scammers create new variations of tax-related scams every year to try and up their success rate. One that is going around is where a scammer leaves a voicemail threatening to suspend and/or terminate your Social Security Number (SSN) unless the call is returned. Once you call back, the scammer will request personal information and a payment. The important thing to remember for this scam is that not even the IRS has the ability to ‘terminate’ a SSN, so if anyone threatens to do such a thing, chances are it is a scam. If you are ever in a situation where you are unsure if a phone call is legitimate or not, hang up the phone and call the company/organization directly through a customer support phone number – this way you can verify if it was a legitimate call.

If you suspect any such fraud IMMEDIATELY report it to us at phishing@jwu.edu Be CyberSafe!


Cybersecurity Alert-Ransomware Phishing Attacks

Dear Johnson & Wales University Faculty, Staff and Students,

The Office of Information Security Services (ISS) has seen a surge in ransomware attacks targeting colleges and universities resulting in network outages, theft of sensitive information and blocking access to essential data systems through encryption. Cybercriminals then demand payment in exchange for returning access to the targeted institution. Email phishing attacks are one of the most common and most successful attack vector cybercriminals are utilizing.

These sophisticated email phishing attacks are tailored to the target environment by leveraging current events and impersonating well known university individuals. These emails will appear to be from legitimate university and external sources and attempt to trick you into responding to the email message and submitting your login credentials (i.e. username and password) on webpages which appear to be legitimate.

The university has made significant and ongoing investments in information security technologies. Unfortunately, technology can address only a fraction of the information security risks the university faces. Therefore, JWU needs you to do your part to help protect against this ongoing threat. Here are a few tips to follow:

  • External Email Warning banner - while most messages from outside of the university network will contain the “External Email Warning” header, always carefully check the sender email address even if the email looks legitimate. The lack of a warning header should not be viewed as an automatic validation of the legitimacy of a received email. No technical control such as the “External Email Warning” is beyond compromise or bypass by Cybercriminals.
  • Use Caution - when opening any attachments in an email. Any email claiming to be from JWU will have the @jwu.edu domain name.
  • Report an Incident - if you receive an email that appears to be suspicious or is from a sender that you are unfamiliar with and directs you to open an attachment, report it by forwarding to phishing@jwu.edu and delete it from your inbox.
  • Create a ticket with IT by calling 1-866-598-4357 or 401-JWU-HELP (401-598-4357), or going to our report page. After submitting the email for review, do not click on any links in the email or open any attachments.
  • Reset Password - if you have submitted your network credentials to a suspicious website, immediately reset your password via SSPR or have it reset by IT.

Sincerely,

Nicholas M. Tella, MPA, CISM, CRISC
Director of Information Security

 


 

Information

The Office of Information Security Services (ISS) aims to facilitate and further the Mission and Guiding Principles of the University while maximizing the confidentiality, integrity, and availability of the JWU’s distributed information technology assets, systems, networks, and data.

Be aware... Click it with care

Care to be aware!

Report an Incident

Don’t be Quick to Click…beware of the emails that intend to steal your valuable information

Looking for resources to help
you understand security better? We've got you covered.

Feel there’s something odd in the email or your account? Please report the incident and our team of experts will take a look at it for you.

Learn More

Resources

Report