Employees must complete computer security training by Tuesday or network access will be suspended

All university employees must complete computer security training by Tuesday, Nov. 5, to avoid losing user access. Loss of access will prevent employees from using any OLLU network systems. Loss of access will impact the ability to carry out daily responsibilities.

Training is managed by InfoSec, a third-party vendor. All employees should have received emails from notifications@securityiq-notifications.com with a message about completing the 24-25 OLLU Faculty/Staff Annual InfoSec Training course.

If you are having trouble locating the email, please contact Gregory Garza, OLLU Information Security Officer, at ollu_its@ollusa.edu.

ITS Office warns of ‘phishing’ scams

The Office of Information Technology Services (ITS) would like to bring to your attention multiple phishing emails targeting our students with fraudulent job opportunities. These phishing campaigns aim to deceive unsuspecting job seekers. Students may unknowingly respond to these bogus job offers and fill out an online form with personal and sensitive information. The perpetrators subsequently contact students via their alternative email addresses (e.g., Hotmail or Gmail) or by phone, giving the impression of a legitimate interview. During this follow-up communication, the perpetrators may send the student an image of a check and instruct them to deposit it using their bank’s mobile app. These actors will then request that the student return a portion of the deposited funds through various means, such as gift cards, direct deposit, or cryptocurrency. Remember, the checks that students deposit are fake and have no value; however, the money returned from the students’ accounts is real and the students are accountable for those funds.

Here are some pointers to look for so that students don’t become a victim.

  • Look at the Email Sender information. Many of these bogus emails come from disposable Gmail accounts (i.e. taynaubunge78934@gmail.com). Ask yourself, “The job I responded to is with ABC company, so why are they using a Gmail account to communicate?”
  • Look for a Caution Banner. Email originating from an external email address will have a caution banner.
  • Read the email aloud. Listen for broken English.
  • Look for font variations. That’s a tell-tale sign actors repeat their campaigns simply copying/pasting paragraphs
  • Actors become threatening if you do not comply with their requests.
  • Check with OLLU Center for Career Development and Testing (CCDT). The center can assist with identifying fake job announcements. Staff also can help you locate legitimate internship and career opportunities; email them at ccdt@ollusa.edu.

What to do if you fall victim to a scam:

  • Stop all correspondences.
  • Click the PhishNotify or the Report button located on your Outlook ribbon.
  • Block email address and phone numbers.
  • Contact your bank and inform them you are a victim of a financial scam.
  • Monitor any future bank activity for unauthorized purchases.
  • File a police report with campus police.

Be advised that all students have been granted access to the Information Security Awareness training, which includes important information on phishing campaigns. Please check your OLLU inbox for an email from InfoSec IQ to start your training. InfoSec IQ is the university’s security training vendor. Emails that come from notifications@securityiq-notifications.com are legitimate and safe to click on.

Office of Information Technology Services warns of phishing email 

The Office of Information Technology Services (ITS) would like to bring to your immediate attention a confirmed phishing email that has been circulating within our community. The email in question has the subject line: “PART-TIME ADMIN/ASSISTANT OPPORTUNITY!!” and appears to come from a faculty member.

Please be advised that this email is a phishing attempt designed to deceive recipients into divulging one’s financial information.

If you receive an email with this subject line, do not open it, click any links, or download any attachments. Instead, please take the following actions immediately:

  1. Click the red fish button on your Outlook ribbon.
  2. Click the Report button to notify our ITS department.

If you responded to the bogus email you may have received a follow-on call from an actor identifying himself as Dorin Morgos, subsequently inquiring about your financial institution and account information as part of the hiring ruse. DO NOT provide any financial information as this is not a legitimate job offer.

Please contact your Information Security Officer immediately for further assistance if you believe you have been victimized by this phishing campaign.

Your prompt action will help us to mitigate any potential risks and protect our organization’s data and security.