October is National Cybersecurity Awareness Month, and Vanderbilt IT has launched its annual campaign to make the Vanderbilt community aware of various security issues and how to respond to each through a series of blog posts.
New posts will be published on the VUIT News Blog throughout the month of October.
The first post focuses on ways to protect oneself from spear phishing. Spear phishing is a more sophisticated variation of phishing, where the attacker pretends to be a specific individual who is trusted and legitimate and, often, in a leadership position. Lately, VUIT has seen numerous instances where the perpetrators have pretended to be Vanderbilt leaders, such as the chancellor or provost. In these cases, and no doubt in others involving additional Vanderbilt leaders, part of the tactic has been to utilize a plausible-sounding email ID masquerading as a personal ID (for example: chancellornickzeppos@gmail.com).
VUIT continues to block as many examples of obvious malfeasance as possible from making it to employees’ inboxes, but bad actors continue to grow more sophisticated in their efforts. Therefore, it is important for everyone to use these tips to protect themselves and the university.
If you believe you are the recipient of a phishing email, please forward it to phishing@vanderbilt.edu.
Please check the VUIT News Blog frequently to stay abreast of the tools you can use to protect yourself from cybersecurity attacks. For additional information about how to protect yourself, contact VUIT Security Operations at vuit.security.operations@vanderbilt.edu.