UTSA’s Office of Information Security Hosts Cyber Security Training

October 30, 2017



(Attendees at the “Email Phishing Scams- How to Avoid Them” training.)

 

Written by: Danicia Steele, Communications Specialist

In fall 2017, the UTSA Office of Information Security (OIS), within the Office of Information Technology, hosted its first cyber-security training course at the UTSA Main Campus to help educate UTSA faculty and staff on phishing. The training named “Email Phishing Scams- How to Avoid Them” took place in the UTSA North Paseo Building (NPB 1.408) from 2:00 p.m. - 3:00 p.m. and was led by Senior Information Security Analyst Brad Cooper.

During the training, faculty and staff were given an overview of phishing and how to avoid getting hooked by a phishing scam. Cooper educated the class on four different types of phishing attacks including smishing, vishing, spear, and pharming.

(Screenshot from “Email Phishing Scams- How to Avoid Them” training.)

Attendees were also given details on the different types of cybercriminals and what their main objective is. Cooper described the mission of the following cybercriminals:

  • Spammers - Seek to annoy the individual.
  • Hacktivist - Explore your political and social agenda.
  • Insiders – Seek revenge from within the organization.
  • Nation Status - Look to disrupt or steal government information.
  • Cyber Criminals - Seek opportunities to take your personal information for money or identity.

 

(Screenshot of phishing activity during training)

After the class was given a clear understanding of the different phishing attacks and types of cybercriminals, Cooper elaborated on the common phishing email traits users should be cautious of when receiving an email. Attendees were then able to apply their new knowledge of phishing during a hands-on activity where they were asked to identify if the email displayed was valid or a phishing scam.

Towards the end of the lesson, Cooper informed the class to always be mindful and never assume that all messages sent within UTSA are safe because a user could have been hacked. UTSA is continuously under attack for phishing. Therefore, it is essential that the UTSA community is aware of what steps to take if they receive a phishing email. Cooper recommends the following steps:

  • Don’t click on any links without hovering over it first. - Users can verify if the link and URL match when you hover over the link with your mouse.
  • Send an email to OITConnect with the original phishing email as an attachment.
  • Delete the email from the inbox and deleted items folder.
  • Inform your co-workers. However, never forward the original email as a warning.

 

If you have been hooked by a phishing scam, please contact OITConnect at oitconnect@utsa.edu or (210) 458-5555.

For more information on cybersecurity, click here.

To register for the next training in November, click here.