Understanding the threat of cybercrime at work
October is Cybersecurity Awareness Month and part of cybersecurity awareness is understanding how cybercrime connects with your daily life and work.
“Cybercrime is not just a distant news story,” said David Capps, chief information security officer for the University of Colorado system. “It is a daily reality for the CU community and our information security teams are your partners in tackling this modern crime wave.”
There are many types of cybercriminals and most of them are financially motivated, looking to get the most money with the least time and effort.
When you take an information security training course or receive a prompt for multifactor authentication, remember that they were put in place by teams who work to protect the CU community from cybercrime every day.
Three of the cybercrimes on the minds of CU information security teams are very directly connected to the lives and work of the CU community.
- Cybercriminals are after CU employee paychecks. Nearly every month, CU information security and human resources team members stop cybercriminals who are attempting to change payroll direct deposit information in order to steal paychecks from CU employees. These criminals take multiple approaches, including sending phishing emails to employees, calling CU IT service desks and emailing HR teams. CU has processes and technologies like multifactor authentication in place to reduce the chances these criminals will be successful, and every employee plays a part in being alert for phishing emails. To learn more about identifying phishing emails, visit the page linked at the end of this article.
- Cybercriminals are after CU research grant funds. Earlier this year, higher education institutions across the country, including CU, were targeted by criminals who were seeking access to the federal government’s grant payment management system. They wanted access to steal grant funding before it was moved into CU accounts. CU information security teams worked with federal agencies to support their investigation and response to attempts to steal federal grant funds. If your duties include managing or transferring funds, you might be a target for cybercriminals and your campus information security team can help you with guidance to stay secure.
- Cybercriminals are after student personal funds. Fake jobs scams are a common tactic used by cybercriminals. College students are frequently targeted as individuals looking for a job that fits into their busy schedules. Students at many schools, including CU, have fallen victim to these scams and had money stolen. CU information security and email teams work together to block fake job solicitations and send takedown requests to websites hosting fake job forms.
There are many other cybercrimes, ranging from online harassment to industrial espionage to attempts to disrupt business. Everyone at CU can work together to prevent, detect and respond to a wide variety of attempted cybercrime.
“If you think you may be the victim of cybercrime, reach out to your campus information security team,” said Brad Judy, deputy chief information security officer for the CU system. “Our teams are experienced in dealing with cybercrime and can help you understand what happened and what to do next.”
To learn more about cybersecurity at CU and your role in protecting the CU community, see the CU Cybersecurity Awareness Month website at www.cu.edu/cam