News

Pitt IT implements new measures to prevent phishing attacks

In light of a recent barrage of phishing and scam emails sent to student and faculty accounts, Pitt IT is implementing new security measures to help curb the problem. 

A phishing email is defined as a fraudulent email sent to gain sensitive information. The University has received an increase in phishing attacks this semester, according to the University Times. As a result, Pitt IT is implementing new policies to prevent and educate the Pitt community from falling for these scams. 

Anyone who falls victim to a phishing email is enrolled in IT’s phish security training, which consists of a 15-minute educational video. After the training, the individual is also enrolled in a phishing simulation program, where IT sends them “safe,” or simulated, phishing emails as tests for several months.

John Duska, Pitt’s interim chief information security officer, said the new measures will help train individuals to better recognize phishing scams, and keep the Pitt community safe. 

“That’s an exercise to help them recognize phish, and we can track their progress,” Duska said. “Secondly, we enable modern authentication, which is a fancy way of saying multi-factor authentication or a Duo (mobile device app verification) is required anytime a user sets up or changes access to Pitt email on a device.”

IT has also expanded anti-phishing filtering rules to all pitt.edu emails, rather than just external emails. 

Additionally, Pitt IT has expanded the definitions of phishing emails to help further educate the Pitt community. 

  • Quishing (being sent a malicious QR code) 
  • Whaling (phishing that targets the “big fish”/higher-ups in the executive suite)
  • TOAD (telephone-oriented attack delivery, which uses email to try to get you to call back with personal information)

Anne Heitke, a senior analyst with Pitt IT, said while measures are being taken to prevent further phishing attacks from happening again, individuals should still be careful. 

“The best security against social engineering is you,” Heitke said. “You can be the biggest security tool out there.”

newsdesk

Share
Published by
newsdesk

Recent Posts

Porch roof collapse injures dozens during party on Semple Street

The roof of a porch on Semple Street collapsed during a St. Patrick’s Day celebration…

2 days ago

A Good Hill to Die On // Break It Down

In this release of “A Good Hill to Die On,” I dive deep into the…

2 days ago

Who Asked? // Does growth only “count” if it’s quantifiable?

This installment of Who Asked? by staff writer Brynn Murawski wonders why it feels like…

2 days ago

“They’re throwing trans people under the bus”: Counseling center faces backlash after event name change 

On Feb. 24, Pitt’s Counseling Center faced backlash after briefly renaming an event from "LGBT…

2 days ago

Q&A: Meet the 2024-2025 SGB president and vice president 

SGB announced the 2024-2025 election results at their meeting on Tuesday. The Pitt News spoke…

2 days ago

Editorial | Pitt Administration must listen to its students’ electoral demands

The passing of these referendums does not guarantee a future Pitt with these policies. Merely,…

2 days ago