[Important Information for Employees] Phishing and Cyberattack Awareness

Information Technology Services CIO Office its-cio-office at plattsburgh.edu
Fri Apr 11 20:26:25 UTC 2025 

Good afternoon,


I'm emailing you today as a quarterly reminder that higher education
continues to be a target for phishing and cyberattacks. According to the
2025 Global Threat report released by Crowdstrike, cybercriminals continue
to use traditional email social engineering tactics that are specifically
designed to trick end users into gaining access to their accounts.


Cyber criminals are also using new attacks to steal your information, one
example is a technique called "Vishing".


What are Voice phishing (Vishing) attacks? - cyber criminals call targeted
users and attempt to persuade them to download malicious payloads,
establish remote support sessions, or enter their credentials into fake
phishing pages. This type of attack saw an incredible 442 percent increase
in 2024.


In short, cybercriminals are focused on busy and distracted end users,
expecting them to make mistakes. Please analyze and question all calls and
emails that ask for information!


Here are some helpful hints we have supplied in the past to help spot
phishing.

*How to recognize email phishing: Can you spot the scam?*

*It's important to remember that the FROM address is easy to manipulate on
an email. *If you receive an email that looks suspicious, is unsolicited
and uses poor spelling or grammer, review it carefully before proceeding.

*How can I tell whether a message is fraudulent?*

   1. *Hover over links to view the actual URL they reference. *Note
   the discrepancy between the text language and the link. If the link goes to
   an outside address instead of a legitimate SUNY Plattsburgh address, it's
   a scam.
   2. *Identify that the "from" email address matches the display name.* The
   "from" address may look legitimate at first glance, but a closer look at
   the email headers may reveal that the email address associated with the
   display name is actually coming from someone else.
   3. Does it have an [External] Flag in the subject line? Off-campus
   messages are marked as EXTERNAL. *If an email comes from an address that
   isn’t affiliated with the apparent sender, it’s almost certainly a
scam *(though
   there can be exceptions to this situation).
   4. *It came from an @plattsburgh.edu <http://plattsburgh.edu/> address
   but still looks like a scam. *If after inspection you believe that it
   came from an @plattsburgh.edu email address and you still have concerns,
   please forward those messages to helpdesk at plattsburgh.edu. It may be
   that the sending account is compromised and we need to take action.

*General Guidelines*
Phishing scams typically take the form of targeted email or text messages
designed to get victims to engage and establish a rapport. The *fake *
*messages **are always changing*, so be aware of basic safety practices
when encountering suspicious messages.

The goal of the criminal is to steal data, money, or both. Never part with
any of these valuables.

If you receive a suspicious message, follow these steps:

   1. *Do not reply*.
   2. *Mark the message as Spam.*
   3. *If you have replied *or are unsure about what to do, contact the ITS
   Helpdesk
   <https://www.plattsburgh.edu/academics/resources/technology/csds/helpdesk/index.html>
without
   delay.

As always, should you have any questions about phishing scams or any other
cyber-security issue, please feel free to contact the Helpdesk
<https://www.plattsburgh.edu/academics/resources/technology/csds/helpdesk/index.html>.
You will also find helpful information on our Information Security web page
<https://www.plattsburgh.edu/academics/resources/technology/infosec/index.html>
.

Have a good weekend and thank you for helping to keep the campus community
cyber-safe!

-- 

*TJ Myers*

Director & Chief Information Officer

Information Technology Services

215 Feinberg

101 Broad Street
<https://maps.google.com/?q=101+Broad+Street+Plattsburgh,+NY+12901&entry=gmail&source=g>

Plattsburgh, NY 12901
<https://maps.google.com/?q=101+Broad+Street+Plattsburgh,+NY+12901&entry=gmail&source=g>

(o) 518-564- <(518)%20564-2449>5180

(f) 518-564-3817

*plattsburgh.edu <http://plattsburgh.edu/>*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://ls.plattsburgh.edu/pipermail/critical-employees/attachments/20250411/26541579/attachment.htm>

More information about the Critical-Employees mailing list