New IRS phishing scam, continued ransomware attacks on education orgs

We are writing about two important security topics that you may have seen in the news.

There is an IRS impersonation scam that is currently targeting students and employees with .edu email addresses.  Subject lines may include “Tax Refund Payment” or “Recalculation of your tax refund payment.”  If you receive such an email, do not click on the link.  Go directly to the IRS website to check on your refund status.

You may have seen today's Inside Higher Ed article titled “Brown Suspends IT Systems Amid Cybersecurity Threat.” We do not have full details, but the breach seems to be serious enough for them to curtail access to several important services. This seems to resemble recent incidents at other higher ed institutions where ransomware was implicated.

We therefore want to reiterate a number of important prevention tips that we recently posted and sent in a communication. Some of the software protections mentioned below are automatically installed on College-provided computers; however, you may or may not have licensed the same for your home computers. We strongly advise you to consider licensing and installing them on your home computers as well. We also strongly suggest that you do not use your personal computers to connect to the College systems, especially if those computers do not have the appropriate safeguards and protections.

To help prevent ransomware attacks:

  • Run your Windows or macOS updates as soon as they’re available. 
  • Keep your anti-virus (e.g. ESET, Microsoft Defender) and/or anti-malware software (e.g. Malwarebytes) updated, with regular scans.
  • Do not click on suspicious links in email.
  • Do not open shared Google documents or email attachments that are embedded in an email unless you are expecting them; follow up with the sender when in doubt.
  • Whenever a link is emailed to you and you have any doubts at all about its legitimacy, hover your mouse over the link to see whether it points to a legitimate URL (for example, a link to a Google Doc must be a google.com URL).
  • If you are prompted for a software update while browsing the web, make sure it is legitimately from the source (e.g. avoid scams that imitate Adobe Flash updates).  
  • When in doubt, contact the Help Desk for further guidance.
  • If your computer is affected by a ransomware attack, shut it down immediately and contact the Help Desk to receive further instructions.

More information on securing your computer.

To: Everyone
From: Lori Parmet, LTS, lparmet@wellesley.edu
More Info: Computing Help Desk, LTS, 781-283-3333 (faculty/staff) 781-283-7777 (students), helpdesk@wellesley.edu
