Hello UMBC Community!

The Cybersecurity Assurance and Digital Trust Department (CADT) in the Division of Information Technology is tracking an active phishing campaign that has impacted our campus community. This particular phishing campaign is targeting users with a phishing link that leads to a webpage resembling the log in page for myUMBC. 

Compromised users have been notified and their account passwords scrambled to safeguard their accounts. They have also received personalized myUMBC posts informing them of the events.

If you have received notices from CADT, make sure you change your password to a long, unique value that you have not used on myUMBC or other services in the past. It is important that you do not provide attackers with your DUO two-factor authentication codes or accept push notifications you have not initiated.

Users who believe they have already clicked on the phishing links should change their passwords immediately and contact security@umbc.edu to report the phishing email.

Thank you for assisting us in keeping the campus community safe!

Dear UMBC Community,

It has come to our attention that a new wave of a popular scam has emerged. Scammers are impersonating faculty or someone with a high degree of trust among the community. In some cases, this may appear to come from a UMBC account.

The scam usually begins with a story of someone with a few high-value items going through a rough patch of life. The story claims that the person lost a loved one who owned high-value items or is relocating and has to empty their apartment of valuable items ASAP. They go on to "generously" offer those high-priced items for FREE!

These items can be an expensive digital camera, a pricey violin, a collector's guitar, or a cherished baby grand piano. But it wouldn't be a scam if there wasn't a catch. The scammers only ask you to cover the shipping costs for delivering the items to your location. They generally ask that you contact them outside of the UMBC.edu domain, either via email or phone. Once an external contact is established, scammers build rapport and ask for personal information, such as mailing addresses, to process a "shipping fee."

Once a payment is made to scammers, users are generally ghosted and calls/texts go unanswered. If you believe you have been a victim to such a scam, please contact law enforcement for assistance.

Be vigilant and look for the following signs:

• A story that is too good to be true ("granny was a musical prodigy and we are giving away her collection for free!")
• Urgency in communication ("items are only available to the first person who reaches out!")
• Moving to outside platforms ("text me on my cell number!")
• Unusual request for personally identifiable information ("What's your mailing address?")
• Financial requests that are not secure or traceable ("send me the money via a digital wallet!")

For more information about this, please refer to these resources: 

1. How can I identify phishing?
2. How Can I Avoid Identity Theft?

If you suspect a phishing or scam attempt, do not reply, click any links, open any attachments, or provide your information. Instead, forward the email immediately to the security team at security@umbc.edu. Your report helps protect everyone!

Thank you all for your continued awareness and assistance in keeping our community secure.

Cybersecurity Assurance and Digital Trust
UMBC Division of Information Technology (DoIT)

Dear UMBC Community,

Imagine a stranger secretly using your home internet or your laptop to hide their tracks. Recently, security experts have found that certain apps are doing exactly that! They are secretly turning personal devices into "digital masks" for cybercriminals. 

When you download a seemingly harmless app, it may contain hidden code that shares your internet connection with a global network of hackers. This makes their activity look like it is coming from your device and our campus.

How to spot strange activity on your device:

Your device might be working for someone else if you notice: 

• Performance Issues: Your phone or laptop suddenly runs slowly, gets hot for no reason, or has a battery that dies much faster than usual.
• High Data Usage: You see a massive spike in your internet data usage that you can't explain. 

Tips to keep your tech private: 

• Look Before You Click: Even in official app stores, check the reviews. If a simple app (like a flashlight or a calculator) asks for permission to access your files, contacts, or location, it's a red flag. 
• Beware of the "Too Good to Be True": Be skeptical of "cracked" software or free versions of paid apps. They often come with a hidden "tax" on your security. 
• Cheap Smart Tech: Very inexpensive "Smart Home" or Internet of Things (IoT) devices often have weak security, making them easy targets for hackers. 

What to do if you suspect trouble: 

If your device is acting strangely or you receive a suspicious email, do not click any links. Please forward any suspicious emails to the security team at security@umbc.edu.  

If you suspect a phishing or cybersecurity attempt, do not reply, click any links, or open any attachments. Instead, forward the email immediately to the security team at security@umbc.edu. Your report helps protect everyone!

Thank you all for your continued awareness and assistance in keeping our community secure.

Cybersecurity Assurance and Digital Trust
UMBC Division of Information Technology (DoIT)

Hello UMBC,

Cybersecurity isn't just a task for IT, it's a 24/7 commitment for our entire community. To help you navigate the ever-changing digital landscape, we are excited to launch the first edition of our cybersecurity newsletter.

In this inaugural issue, we dive into:

• Phishing Defense: How to spot "too good to be true" offers and urgent scams.
• Travel Safety: Keeping your data secure while researching or vacationing abroad.
• Latest Threats: Why you should be wary of TikTok scams and "Quishing" (QR code phishing).
• Policy Updates: Key changes to UMBC's Acceptable Use and Data Protection policies.

Read the newsletter attached!

Remember: If an email feels "off," it probably is. Forward suspicious messages to security@umbc.edu and help keep our campus secure.

Stay smart and stay safe!

 - Stacy Cahill

Chief Information Security Officer

University of Maryland, Baltimore County

Hello UMBC Community!

During the last semester, we observed a steady stream of phishing attacks that attempted to trick users into providing their user IDs, passwords, and multifactor codes on fake login pages. In many cases, the fake login pages looked just like the real thing, and the only clue that something was amiss was the URL in the address bar. Once a user's login credentials have been obtained, an attacker can access the user's account to alter personal or financial information. This change often serves as the initial move in executing a financial scam.

As the winter break is underway and the new semester approaches, now is a great time to perform a cybersecurity check-up on your myUMBC and BankMobile accounts. 

Please follow these general tips to safeguard your accounts and funds:

1. Periodically Verify Your Personal Information: Log into your accounts and make sure all your information, such as linked financial accounts, billing address, phone number, and email addresses are correct. If you are expecting payments, validate that the bank account where the funds will be deposited looks correct.

2. Use Strong & Unique Passwords: Never reuse your UMBC password on other platforms — including financial services such as BankMobile. Create unique passwords for each separate account. Changing your passwords periodically can also help safeguard your account if an attacker has gained access to your password.

3. Check the Link: Look over URLs and ensure you are accessing a trusted service. If you see a login page but the URL does not look legitimate, do not provide your password or MFA codes. It is best practice to bookmark trusted services to navigate to them directly. 

4. Don't Give Away Your Secrets: UMBC and your financial institutions will never call, email, or text you to ask for your password or Multi-Factor Authentication (MFA) codes. If you receive a Duo push that you did not initiate, do not approve the request and report it as fraudulent.

If you give someone your password and MFA codes, you are handing them the keys to your account. This could result in financial loss or unauthorized activity for which you may be held responsible.

If you see something, say something! Report all phishing emails to security@umbc.edu.

Stay smart, stay safe!

Greetings UMBC Community,

We have been seeing an increase in Google Calendar being used as a new type of method for phishing. In several instances, these calendar invites are added to a user's calendar without their permission, leaving the user confused as to how the invite appeared and potentially exposing the calendar to other cybersecurity threats. These calendar invites may contain phishing links or malicious content that could be disguised as a legitimate meeting or event.

On December 19th, we will be updating our default settings for Calendar invites. Events from individuals external to UMBC will only be added to your calendar automatically if they are from a known sender or if you manually approve them from your email inbox. To make a sender known, you can click "I know the sender" on their calendar invite. Remember to always report spam if you see a calendar invite that looks suspicious.

If you wish to revert the settings on your calendar to the original setting to accept calendar invites from everyone, you can do so by following the instructions in this FAQ after December 20, 2025.

As winter break is approaching, here are also some cybersecurity reminders to help keep your UMBC account safe:

• Update and shut down all computers that will be unused for the duration of the break,

• Keep an eye out for phishing emails and report them to security@umbc.edu,

• Please validate that before signing into a UMBC-related website from a link, always hover over the link first and ensure the domain in the URL clearly contains "umbc.edu",

• Use the GlobalProtect VPN if you are a staff member working from off-campus.

If you have questions regarding this change you can reach out to security@umbc.edu. We wish everyone a happy and safe Winter Break.

The Cybersecurity Assurance and Digital Trust Department (CADT) in the Division of Information Technology is tracking multiple active phishing campaigns that have impacted our campus community. If you received a message regarding deactivation of your account, please be aware this is a phishing message. Additionally, DoIT is not giving away any welding tools (sorry).

Compromised users are being notified and their account passwords scrambled to safeguard their accounts. They are also receiving personalized myUMBC posts informing them of the events.

If you have received notices from CADT, make sure you change your password to a long, unique value that you have not used on myUMBC or other services in the past. It is important that you do not provide attackers with your DUO two-factor authentication codes or accept push notifications you have not initiated.

Users who believe they have already clicked on the phishing links should contact security@umbc.edu to report the phishing email.

Thank you for assisting us in keeping the campus community safe!

Hello UMBC Community!

The Cybersecurity Assurance and Digital Trust Department (CADT) in the Division of Information Technology is tracking an active phishing campaign that has impacted our campus community. This particular phishing campaign is targeting users with a phishing link that leads to a webpage resembling myUMBC. Examples of the phishing emails can be found at the end of this post.

Compromised users have been notified and their account passwords scrambled to safeguard their accounts. They have also received personalized myUMBC posts informing them of the events.

If you have received notices from CADT, make sure you change your password to a long, unique value that you have not used on myUMBC or other services in the past. It is important that you do not provide attackers with your DUO two-factor authentication codes or accept push notifications you have not initiated.

Users who believe they have already clicked on the phishing links should contact security@umbc.edu to report the phishing email.

Thank you for assisting us in keeping the campus community safe!

Hello UMBC Community!

The Cybersecurity Assurance and Digital Trust Department in the Division of Information Technology has some tips for you to stay safe from financial scams that have recently taken place.

Attackers send phishing emails to trick unsuspecting victims into providing their user ID, password, and multifactor codes. Often, these phishing lures contain a link that redirects the user to a login page.

DoIT has observed cases where the attackers are mirroring legitimate login screens to capture credentials and multifactor authentication (MFA) codes in real time. The only indicator that something is amiss is the URL in the address bar.

Follow these general tips to safeguard your financial data and funds:

1. Use Strong & Unique Passwords: Never reuse your UMBC password on other platforms — including financial services such as BankMobile. Create unique passwords for each separate account.
2. Periodically Verify Your Personal Information: Log into your accounts and make sure all your information, such as linked financial accounts, billing address, phone number, and email addresses are correct.
3. Check the Link: Look over URLs and ensure you are accessing a trusted service. If you see a login page but the URL does not look legitimate, do not provide your password or MFA codes. It is best practice to bookmark trusted services to navigate to them directly.
4. Don't Give Away Your Secrets: UMBC and your financial institutions will never call, email, or text you to ask for your password or MFA codes.

If you give someone your password and MFA codes, you are handing them the keys to your account. This could result in financial loss or unauthorized activity for which you may be held responsible.

If you see something, say something! Report all phishing emails to security@umbc.edu.

Stay smart, stay safe!

Hello UMBC Community!

Join us today from 12:00 to 1:00 pm in the breezeway near the Commons to learn more and receive giveaways! We have a f(ph)ishing game and Swedish fish.

As part of Cybersecurity Awareness Month, we want to highlight a new tactic cybercriminals are using called ClickFix. This attack disguises itself as an error message or system alert that looks like it comes from your operating system. The message then instructs you to copy and paste a command into your terminal or command prompt.

Please remember:

1. Never copy or paste commands from a pop-up window or website.
2. If you see a suspicious alert, close the window or browser tab immediately.
3. Report the incident to security@umbc.edu right away so we can investigate.
4. If you have already entered a command, disconnect from the internet and stop using your device until security reviews it.

ClickFix relies on tricking users into taking action. By staying cautious and reporting anything unusual, you help protect both yourself and our organization.

Report the event to the security team at security@umbc.edu. Your report helps protect everyone!

Thank you for staying vigilant and keeping security a priority.