NSights Blog

Abuse@unr.edu: How you can help the Department of Information Security

Information Security Department counsels campus to take time, study emails closely before replying

Your money, your personal information, your privacy - all are under constant attack. Cybersecurity is a major issue facing everyone today. Here at the University of Nevada, Reno, our Information Security department is fighting back. "Security is done in layers," says Chief Information Security Officer Jeff Springer. "So, if one layer falls, the next layer is in place to try and stop it."

While he can't get into all the specific details of how he and his team fight back against cybersecurity threats, Springer does recommend that the typical user help protect themselves by being proactive. The University has a website with training materials that can help people learn what to look for in emails. "People are cognitively busy and bad actors take advantage of that," Jeff adds. "They know you don't have a lot of attention to spare," so, they end up sending emails that are meant to reach you when you're likely already busy. His advice is to slow down and really examine the emails you receive, especially if they are asking you to do something.

The Information Security department has an in-depth article on Identifying Spam and Phishing Attempts. The department's job is to respond to incidents or attacks, to identify vulnerable or compromised systems, to train, advise, or make recommendations to the Office of Information Technology (OIT) and the University as a whole regarding security best practices, and to identify and help manage organizational information technology risks. It's important to note that other departments within OIT actually manage, maintain, and configure operational systems used by staff, administrators, and students.

The three biggest security threats we are currently facing are phishing scams in the form of wire transfers, gift card scams, and credential harvesting. In the last six months alone, over 1,800 security-related events have been reported to the email address abuse@unr.edu. This email address was created in order to give users a way to contact the Information Security department with examples of specific scams they have received. (If you ever receive a suspicious looking email, please forward it to abuse@unr.edu.)

An easy way for folks to keep themselves a bit safer is to use their University-provided Office 365 email account. That account is the safest and most secure means of using email because it has additional security monitoring for threats. It is also the only authorized email account to use for university business. People often forward their university email to a private email account like a Gmail account, but in doing so they miss out on some of the additional security provided by the university.

The email address account abuse@unr.edu was established as part of our national online relationship. That account along with a few others like webmaster@unr.edu are part of a national standard naming convention used for companies and organizations. It was created over 20 years ago as a way for those outside of the university to report back to us if someone within it was sending out spam.

The idea is that if every company or organization has that set of standard mailboxes that people could easily communicate about misconduct without searching wide and far for the proper contact. The abuse account was a way to let others alert us that something was amiss. The roles have now been somewhat reversed. More often than not, that account today helps internal users report spam and phishing attacks that are sent to them from outside the University.

Our security team occasionally tracks down and identifies threats of a significant nature. They report them to law enforcement, including at times the Federal Bureau of Investigation. With the constant inundation of malicious emails received by the thousands of email accounts on campus, there is simply no way to keep all the spam and phishing scams away. Luckily for us here at the University, the Office of Information Technology has multiple security layers in place. There are layers to keep the emails from reaching inboxes, but if that fails then there are layers to keep the links from working, then layers to stop things from downloading, and so on and so forth. The layers of security in place keep most of the threats at bay.

As a reminder, the best practice is to set a strong email password, to keep it safe and secure, slow down and examine emails before you open attachments or click on links, and to use your university provided email account through Office 365. We all have a chance to help fight against malicious email attacks.

Angela Rudolph