Holiday Season Cyber Scams and Malware Campaigns

As we approach the holidays, the Information Security Office (ISO) would like to remind the UT Arlington community to be aware of seasonal scams, phishing and malicious software (malware) distribution campaigns.

Every year, cyber criminals take advantage of the increase in online purchases and electronic seasonal greeting cards to trick victims into believing they’ve received packages or personal messages. They often use multiple methods to attract victims, such as posing as legitimate websites and/or using fraudulent emails that are crafted to look legitimate; they steal the logos, email or web templates of legitimate businesses *e.g. FedEx, DHL UPS, Amazon.com, etc.) in an effort to entice victims into clicking links or opening attachments.

These phishing and malware campaigns may come in the form of :

  • Fake shipping/courier notifications.
  • Electronic greeting cards or links to holiday screensavers or other forms of media.
  • Request for charitable contributions that may appear to be for legitimate causes but originate from illegitimated sources claiming to be charities.
  • Credit card or gift card applications or enticing discounts in online shopping advertisements that lead to websites you’re unfamiliar with.

In addition, be aware of social engineers who may call you on your personal or work phone using a themed pretext (holiday offers, package pickup, etc.).

Don’t be a victim!  The ISO advises caution when you encounter these types of email messages or websites by:

  • Looking for tell-tale signs that a website or email is not legitimate:

………….– The senders address or website address does not match the organization listed in the content of the message.
………… – The grammar in the message or website is poor.
………… – Format of the email or website is poor or inconsistent with what you’re used to seeing from the organization.
………… – Hovering over the links with your mouse reveals web address inconsistent with the content of the message.

  • Never clicking on links in emails that you’re not expecting.
  • Never opening attachments in emails that you’re not expecting.
  • Never providing your personal information in an email or on a website unless you are completely sure.

The United States Computer Emergency Readiness Team encourages users and administrators to use caution when encountering these types of email messages and take the following preventative measures to protect themselves from phishing scams and malware campaigns:

Welcome Back, Malware!

It’s a new semester here at UT Arlington, but with the return of students comes an increase of malware on the network.   If you’re connecting any of your devices (phone, tablet, laptop) to the UTA wireless, you should be aware that there are infected computers sharing that space.  Make sure you have an antivirus program installed and up-to-date, even on your phone and tablet (and even if it’s a Mac).  UTA offers some support for the following antivirus programs on personal computers:

Microsoft Security Essentials (Windows)

ClamXav (Mac)

Clam AV (*nix)

If you’re unlucky enough to become infected and bring your device onto the UTA network, there’s a good chance you’ll be getting an email from us to let you know.  Don’t ignore these!  If you don’t respond to a virus notification, your account could be blocked from the wireless network to protect other users.

As always, if you have questions or concerns, drop us a line here or at security@uta.edu.  Have a great semester!