News

Pitt IT implements new measures to prevent phishing attacks

In light of a recent barrage of phishing and scam emails sent to student and faculty accounts, Pitt IT is implementing new security measures to help curb the problem. 

A phishing email is defined as a fraudulent email sent to gain sensitive information. The University has received an increase in phishing attacks this semester, according to the University Times. As a result, Pitt IT is implementing new policies to prevent and educate the Pitt community from falling for these scams. 

Anyone who falls victim to a phishing email is enrolled in IT’s phish security training, which consists of a 15-minute educational video. After the training, the individual is also enrolled in a phishing simulation program, where IT sends them “safe,” or simulated, phishing emails as tests for several months.

John Duska, Pitt’s interim chief information security officer, said the new measures will help train individuals to better recognize phishing scams, and keep the Pitt community safe. 

“That’s an exercise to help them recognize phish, and we can track their progress,” Duska said. “Secondly, we enable modern authentication, which is a fancy way of saying multi-factor authentication or a Duo (mobile device app verification) is required anytime a user sets up or changes access to Pitt email on a device.”

IT has also expanded anti-phishing filtering rules to all pitt.edu emails, rather than just external emails. 

Additionally, Pitt IT has expanded the definitions of phishing emails to help further educate the Pitt community. 

  • Quishing (being sent a malicious QR code) 
  • Whaling (phishing that targets the “big fish”/higher-ups in the executive suite)
  • TOAD (telephone-oriented attack delivery, which uses email to try to get you to call back with personal information)

Anne Heitke, a senior analyst with Pitt IT, said while measures are being taken to prevent further phishing attacks from happening again, individuals should still be careful. 

“The best security against social engineering is you,” Heitke said. “You can be the biggest security tool out there.”

newsdesk

Share
Published by
newsdesk

Recent Posts

Opinion | Anti-trans rhetoric strips everyone of their identity

The very existence of trans people does not pose a threat to women, but there…

10 hours ago

Opinion | The Oscar best picture ranking no one asked for

This spring break, I unfortunately had to stay alone on campus. In my desperation to…

10 hours ago

Celebrating Irish culture at Pitt with the Irish Design Center

St. Patrick’s Day weekend on Pitt’s campus is what some refer to as the spring…

20 hours ago

Column | Pitt ends a disappointing 2024-2025 campaign

What was once a season full of promise and return to glory turned into a…

20 hours ago

The Ginger Run: A perspective on the chaos and borgs from a ginger who can’t run

A gray sky, similar to the one that blankets Ireland, graced Semple Street at 2…

20 hours ago

Column | Predicting March Madness’ Cinderellas

Last night, the NCAA Tournament Selection Committee released the field of 68 teams that will…

20 hours ago