News

Pitt IT implements new measures to prevent phishing attacks

In light of a recent barrage of phishing and scam emails sent to student and faculty accounts, Pitt IT is implementing new security measures to help curb the problem. 

A phishing email is defined as a fraudulent email sent to gain sensitive information. The University has received an increase in phishing attacks this semester, according to the University Times. As a result, Pitt IT is implementing new policies to prevent and educate the Pitt community from falling for these scams. 

Anyone who falls victim to a phishing email is enrolled in IT’s phish security training, which consists of a 15-minute educational video. After the training, the individual is also enrolled in a phishing simulation program, where IT sends them “safe,” or simulated, phishing emails as tests for several months.

John Duska, Pitt’s interim chief information security officer, said the new measures will help train individuals to better recognize phishing scams, and keep the Pitt community safe. 

“That’s an exercise to help them recognize phish, and we can track their progress,” Duska said. “Secondly, we enable modern authentication, which is a fancy way of saying multi-factor authentication or a Duo (mobile device app verification) is required anytime a user sets up or changes access to Pitt email on a device.”

IT has also expanded anti-phishing filtering rules to all pitt.edu emails, rather than just external emails. 

Additionally, Pitt IT has expanded the definitions of phishing emails to help further educate the Pitt community. 

  • Quishing (being sent a malicious QR code) 
  • Whaling (phishing that targets the “big fish”/higher-ups in the executive suite)
  • TOAD (telephone-oriented attack delivery, which uses email to try to get you to call back with personal information)

Anne Heitke, a senior analyst with Pitt IT, said while measures are being taken to prevent further phishing attacks from happening again, individuals should still be careful. 

“The best security against social engineering is you,” Heitke said. “You can be the biggest security tool out there.”

newsdesk

Share
Published by
newsdesk

Recent Posts

A look into Trump’s policies as the 47th president of the United States

In the early hours of Wednesday, Nov. 6, former president Donald Trump was elected the…

1 day ago

College Democrats and Republicans at Pitt reflect on 2024 presidential election efforts

As the results trickle in from the 2024 presidential election, College Democrats at Pitt and…

2 days ago

Students, professors prepare for tense election night

Pitt students and professor discuss their plans for watching the 2024 presidential election Tuesday night,…

2 days ago

Guests at Dave McCormick watch party feeling “cautiously optimistic”

Roughly 250 invited guests attended a Dave McCormick watch party event on Nov. 5 at…

2 days ago

Summer Lee re-elected for U.S. Representative in PA’s 12th Congressional District

At 8:12 p.m. on Tuesday evening, incumbent Summer Lee was declared winner against James Hayes…

2 days ago

Photos: Election Day around Pittsburgh

Pittsburgh voters took to polling locations around the city on Election Tuesday, Nov. 5, 2024.…

2 days ago