HU will be closed for the Winter break from December 24th through January 1st. We encourage you to submit any urgent tickets prior to December 23rd. We will have a limited staff checking on tickets during the break, but your ticket may be delayed or addressed until our return on January 2nd. We wish you a safe and healthy holiday season!
Starting December 1st, 2020 staff and faculty may not auto-forward email to external e-mail systems. To increase protection on university-based email accounts and in line with Harrisburg University's Electronic Mail Communication Policy, features that allow automatic forwarding or automatic redirecting of emails to external e-mail systems will be disabled.
Why?
Cyber criminals are continuing to exploit user trust by the use of fraudulent phishing emails. If an account is compromised, the threat actor signs in and enables auto forwarding on the mailbox to an external account. With access to the user’s email, the threat actor can:
Craft extremely topical and convincing spear phishing messages to other users, enabling them to compromise additional accounts until the threat actor reaches the target.
Spoof convincing emails (known as BEC) to re-route payments to bank accounts they control.
Access confidential HU information such as student, personal or research data.
Business Email Compromise (BEC) is a form of social engineering in which a scammer impersonates vendors or bosses in order to trick employees into transferring funds to the wrong place. If the scammer is using auto-forward, they may be able to see specific details about projects or services being carried out and gain a better sense of the formatting, tone, and style of invoices or transfer requests This can then be used to create fake invoices for actual services that require payment
If you have any questions or concerns, please reach out to OIS.
Michael Platt
Starting December 1st, 2020 staff and faculty may not auto-forward email to external e-mail systems. To increase protection on university-based email accounts and in line with Harrisburg University's Electronic Mail Communication Policy, features that allow automatic forwarding or automatic redirecting of emails to external e-mail systems will be disabled.
Why?
Cyber criminals are continuing to exploit user trust by the use of fraudulent phishing emails. If an account is compromised, the threat actor signs in and enables auto forwarding on the mailbox to an external account. With access to the user’s email, the threat actor can:
Business Email Compromise (BEC) is a form of social engineering in which a scammer impersonates vendors or bosses in order to trick employees into transferring funds to the wrong place. If the scammer is using auto-forward, they may be able to see specific details about projects or services being carried out and gain a better sense of the formatting, tone, and style of invoices or transfer requests This can then be used to create fake invoices for actual services that require payment
If you have any questions or concerns, please reach out to OIS.
2 people like this