To help protect the information assets of the university, ICIT provides security solutions for the network, endpoints, cloud and UW-Whitewater applications. ICIT also promotes security awareness education and provides best practices to help protect the university and your personal information.
To report an IT security incident or concern, like lost or stolen devices, ransomware, compromised accounts, and data breaches, contact the Help Desk at 262-472-HELP(4357) or via email at email@example.com.
If you receive a suspicious email - DO NOT OPEN ANY ATTACHMENTS, CLICK LINKS OR REPLY TO THE EMAIL.
The best way to combat malicious emails is to report them so they can be blocked from the campus email server and reported to appropriate watchdog agencies. Using the method below helps retain forensic information used to combat phishing and other types of malicious emails. If you are unable report suspicious emails using the methods described below, you can also forward the message to: firstname.lastname@example.org.
If you accidentally click on a link of a suspicious email or share your credentials, immediately contact the Help Desk. In the event that your email account is compromised, ICIT will reset your password and freeze outgoing email functionality in order to protect other users. Once ICIT cleans up your account, it may take up to two business days for outgoing email access to be restored. You will be required to take supplemental Security Awareness Training if your account is compromised.
Report your lost or stolen campus-owned device to the Helpdesk at 262-472-HELP (4357) or via email at email@example.com as soon as possible. The sooner it's reported the greater the chance of recovering the item.
Let the Helpdesk know if any moderate or high risk data was stored on the device. If you suspect the device was stolen a police report should be filed and the information provided to the Helpdesk.
To help maintain the highest levels of network security, ICIT employs multiple methods of protecting the campus community from new and potential threats.
Cisco Umbrella is a cloud-delivered security service. Cisco Umbrella uses the internet's infrastructure to block malicious destinations before a connection is ever established. The software acts as a filter in order to stop users from visiting any malicious, vulnerable, or compromised websites.
All requests to remove an Umbrella block on a webpage need to be submitted via the Umbrella block page that appears when a webpage is blocked.
Cloudlock is a cloud-based service that helps protect users and data in the cloud.
When Cloudlock identifies activities outside allowed countries or spots actions that seem to take place at impossible speeds across distances the account is flagged for suspicious activity. To protect UW-Whitewater data assets the password on the account is reset. The account owner is notified their password has been reset and asked to contact the ICIT Helpdesk.
In compliance with UW System Administrative Procedure 1031.B Information Security: Data Protections Cloudlock monitors cloud environments to detect and secure sensitive information. When potentially sensitive information is identified the owner of the file(s) is notified and given 7 days to move the file to a secure network drive, remove the sensitive information, or determine it is a false positive. After 7 days the file is deleted from the cloud.
In an ongoing effort to combat phishing and email scams, ICIT has enhanced its external email tag to help identify when an email originates from an off-campus address. The goal of this external tag is to help faculty, staff, and students better identify potential phishing attempts and keep the UW-W community safe from cyber-attacks. The external tag will appear at the top of the email body in all caps and in bold reading, EXTERNAL EMAIL.
When you see this tag, remember this two-step verification process:
Ironport is a network-based anti-spam service that discards emails that have a high probability of being spam. Ironport places questionable emails into quarantine so users can determine if the emails are spam. Users receive a daily message notifying them of their potential spam list. The quarantined messages will remain in your inbox for approximately 7-14 days.
The UW-Whitewater Ironport Service allows three different levels of anti-spam filtering: Low, Medium, and High. The default setting is "High." Users can adjust their spam filtering by using the self-service option to the right. Ironport also allows users to identify senders as either "safe" (not to be flagged as possible spam), or "blocked" (always to be flagged as possible spam).
To help maintain the highest levels of network security, ICIT employs a multi-pronged approach to information security. In particular, ICIT:
To better understand how campus policies and practices interface with UW System Administration policy as well as recommendations by security consultants, we encourage you to review: Cybersecurity: Everyone’s Responsibility.
Additional resources to help protect yourself online.
Cyber attacks are malicious attempts to access or damage a computer or network system. Cyber attacks can lead to loss of money, theft of personal, financial, and medical information that can damage your reputation and safety. As part of the UW-W community, we must work together to keep our campus safe and secure when it comes to the threat of cyberattacks.
Cyber attacks can occur in several ways, including:
You can avoid cyber risks by staying alert, and being prepared. The following are things you can do to protect yourself, your family, and your property before a cyberattack occurs:
ICIT maintains an anti-spam service that blocks thousands of spam messages each week, however, the tactics being used to disseminate phishing scams and malicious email attachments are becoming increasingly complex, allowing some messages to evade the anti-spam filters. For some quick tips on Phishing, check out our "Click Wisely" PDF.
Check out some additional resources to help you catch those Phish!
Phishing scams are designed to trick recipients into sharing login credentials in order to gain access to the recipients account. Another common method of gaining access to sensitive information is to send the recipient an attachment containing a virus that infects the computer. The viruses can be designed to:
The senders of these malicious emails typically go to great lengths to make the malicious email look like a legitimate email. Often this is accomplished by using a logo or branding from a legitimate company or entity, or by "spoofing" a trusted email address to make it the email appear legitimate. Once an email account is compromised, it is often used to bombard other email users with the same malicious email.
This phishing message attempts to mimic a common automated message.
This phishing email attempts to mimic a message from a real company by utilizing the company's logo in the email header. Users who click the link are rerouted to a legitimate-looking webpage asking them to login. Rather than logging into the company's portal, the user is inadvertently providing their login credentials (e.g. - NetID and password).
This malicious email spoofs a UWW.edu email address in an attempt to make it appear like it was sent from a campus email account. The file attached to this email contained a virus.
This phishing email attempts to leverage an existing company's brand in order to appear legitimate. Notice how another compromised account was used to send this malicious email
If you receive an unsolicited job offer via email, there is a good chance it may be phony. Especially if it is too good to be true.
Here is how employment scams work:
Ransomware is a type of malicious software, or malware, that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return. Ransomware attacks can cause costly disruptions to operations and the loss of critical information and data.
Tips for Avoiding Ransomware
The best way to avoid being exposed to ransomware—or any type of malware—is to be a cautious and conscientious computer user. Malware distributors have gotten increasingly savvy, and you need to be careful about what you download and click on.