Dear UO faculty, staff, GEs, and student employees,
We're pleased to introduce a pair of new measures to help you protect your accounts and devices, both at home and at the University of Oregon.
We are offering new cybersecurity awareness training and will soon conduct simulated email phishing educational campaigns. By educating ourselves, we can help reduce the likelihood of cybercriminals stealing our money, identities, or intellectual property.
These two efforts are among the projects begun in 2019 by the Information Security Office to fortify UO's defenses against cyberattacks. Since then, our team has implemented Duo two-step login, URL link protection in email, and numerous behind-the-scenes measures to better protect you and the university.
But however much we strengthen our technological protections, a small percentage of scams will get through. For that reason, you will always play a critical role in your own cyberdefense.
Cybersecurity Awareness Training
- The training consists of nine short modules, divided into three blocks, on topics such as passwords, email, remote work, device security, and multifactor authentication.
- Learn which actions are most important to keep yourself and the university secure.
- Any UO employee can now enroll in this training through MyTrack. Some departments may ask their employees to take the training to satisfy regulatory requirements.
A phishing scheme attempts to trick you into sharing sensitive information with a cybercriminal, who can then steal money, identities, or intellectual property, or gain unauthorized access to UO systems and data.
Unfortunately, phishing scams grow ever more sophisticated in their attempts to reel you in.
One effective way to increase our awareness of phishing messages is through simulated phishing emails. These simulations mimic real-world phishing attacks through techniques such as:
- Requesting personal data such as passwords or bank account details.
- Asking you to click on a suspicious link or download a suspicious attachment.
- Urging you to make a fraudulent wire transfer or otherwise compromise the university.
In the coming weeks, the Information Security Office plans to start a regular program of educational phishing simulations for UO faculty, staff, graduate employees, and student employees.
These simulations will help all of us learn how to stay vigilant and identify malicious intent. They'll also help our office plan the best educational initiatives for the UO and prevent real-world losses for you and your colleagues.