Protecting Our Campus – and Your Personal Information – from CyberattacksMay 28, 2021
The Office of Information Technology (OIT) is continually working on ensuring the security awareness and safety of faculty, staff and student personal information as well as university data. It’s up to all of us at the university to play our part in staying safe online! The most recent OIT initiatives to help maintain cybersecurity best practices are:
- Implementation of Duo for multi-factor authentication (MFA) upon login to the student and employee portals that began June 1
- MFA with Microsoft applications, including email, when used remotely and on-campus
- The newest project to help secure the university against suspicious emails – the inclusion of a warning banner to emails received from senders outside the university.
What you need to know:
New External Email Warning Banner – Week of June 28
The university has seen an elevation in suspicious email activity targeting both students and employees over the past year. A banner will be added to email messages coming from external senders into university Outlook email inboxes beginning the week of June 28.
Adding the external email warning banner (shown below) helps remind us to refrain from clicking on potentially malicious hyperlinks and protect your account from possibly being compromised.
Emails from other CU campuses and our healthcare affiliates will be considered “internal” and not include the banner which warns that the email originated from outside the organization. As always, when opening emails, be extremely cautious and question every email address and link before you click on it, even those that appear to be from within the university.
In addition to the new warning banner that you’ll see on emails from external sources, please keep in mind the following:
- Cybercriminals have become very sophisticated and can accurately spoof or fake an identity of someone at the university – a colleague, supervisor, or even the chancellor.
- Watch for suspicious emails or text messages, especially those that contain links, attachments, convey a sense of urgency, or try to entice you into taking any action. One bad click could result in the malware gaining access to CU information.
- Verify before you click. You can tell where a link goes before you click on it. Simply hover over the link with your cursor to see the destination website. If it doesn’t go to the right place or looks slightly off, don’t click. Trust your instincts.
- Never provide your username and/or passwords to anyone, whether on the phone, email, text, or any other means of communication. OIT will never ask you for your password.
If you feel you have received a phishing email, forward the message to firstname.lastname@example.org and then delete it from your inbox. Have any additional questions about cybersecurity? Contact the OIT Service Desk at 303-724-4357 (or 4-HELP if on-campus). Visit the CU Secure and Multi-Factor Authentication webpage for information about Duo Security and MFA and the Microsoft Outlook Email webpage for more information about Outlook and the external warning banner.