Phish TankPhish Tank
A collection of phishing scams that have attempted to bait the Auburn community.
Phish TankIn page navigation
2-Factor AuthenticationDUO
Auburn has implemented DUO as high-security login authentication.
2-Factor Authentication (DUO)In page navigation
Enables Auburn employees to comply with protecting restricted data.
SpirionIn page navigation
IT Security TipsSecurity
Auburn sponsored security tips.
IT Security TipsIn page navigation
Mobile Device SecurityMobile Device
Auburn University's mobile device security requirements.
Mobile Device SecurityIn page navigation
Phishing is an attempt to acquire personal information masquerading as a trustworthy entity.
PhishingIn page navigation
SANS Securing the HumanSANS
Each day more and more cyber threats are committed against institutions of higher education.
SANS Securing the HumanIn page navigation
Removal Tips, Tools, and Information.
Spyware/MalwareIn page navigation
Virus ProtectionVirus Protection
Everyone at Auburn University is expected to take precautions to protect their computers against viruses.
Virus ProtectionIn page navigation
VPN ClientVPN Client
A VPN provides a secure two-way communication tunnel to the Auburn University network.
VPN ClientIn page navigation
Case In PointCase In Point
Lessons for the pro-active manager
Case In PointIn page navigation
Project CleanupDelete
Improving security and minimizing risk through proper data management
Project CleanupIn page navigation  or    844-0888 with questions
William Miaoulis

Recently, the Federal Bureau of Investigation (FBI) has warned banks of a serious hacking threat that could result in millions of dollars being taken from ATMs.   The hackers hack into the banks, obtain consumers' ATM card and PIN information, then create cloned ATM cards and conduct an "ATM cash-out" around the globe. 

Ultimately, the banks are responsible, but the impact to consumers is real, as the money will come from their account which can cause checks to bounce and money not to be available for individual needs. 

Here are a few steps you can take:

  • Go to your bank and see if they have posted any information about this potential risk.
  • Sign up for fraud alerts on your ATM and credit cards.
  • Monitor your accounts closely for unauthorized activity.
  • If you see and suspicious activity, contact your bank immediately.
  • Change your passwords and if possible change your ATM PIN number.
Published: 8/15/2018 9:27 AM
# Comments: 0
William Miaoulis

You may have noticed in the news, or perhaps even in your own inbox, that a "sextortion" scam is picking up traction. This scam is not a new one, but it is adapting and starting to target victims of recent security breaches that have occurred off-campus. If you see the scam in your Auburn email account, then the data came from a site where you registered with that address. Some recent breaches of note have been Facebook, Reddit, LinkedIn, Target, and Equifax, but we do not know where this data originated.

The exact wording may vary, but you can recognize this scam because the subject line and introduction will most likely contain a legitimate password that you may or may not still be using. The body of the email typically claims that someone has hacked your webcam and recorded videos of you while watching pornography. In exchange for deleting the video, the sender asks for a bitcoin transfer or some other form of payment.

So what does this mean for you? Here are some Dos & Don'ts for handling email scams like this one:


  • Change any account that still uses the password.
  • Send the original email as an attachment to before deleting it.
  • Plan to change your passwords frequently; Auburn Policy requires changing them every 6 months.


  • Click on any link in the email.
  • Send any bitcoin, gift card, money transfer, etc.
  • Use the same password across multiple accounts.

If you have any questions, please contact your IT service provider, contact the IT Service Desk at 844-4944 or, or send an email to our information security team at



Published: 8/7/2018 1:14 PM
# Comments: 0
Kathryn Parker

Everyone on campus has something that's protected by a password. Bank account, email inbox, social media profile – or most likely, a combination of these and many more! Setting a password is a good step, but are you really doing all you can to keep your information and identity safe? To be able to answer 'yes' to that question, you should answer 'no' to all of these:

  • Do you have anything that still uses a default password?
  • Do you use the same password for multiple accounts?
  • Does your password include your name, your pet's name, your birthday, your anniversary, or any other publicly known information?
  • Is your password all lowercase or all uppercase?
  • Is your password a word that's in the dictionary?
  • Do you have your passwords written on post-it notes or in other various locations?
  • Does your password hint contain the actual password?
  • Have you opted out of two-factor authentication?
  • Do you save your passwords in your browser?

If you answered yes to any of these questions, consider looking into changing that practice to help secure your data. Use as many mixed characters as possible, enable two-factor when it's available, use nonsense words or patterns that only make sense to you, and look into a password vault to help you keep everything organized. There's no such thing as 100% secure, but these steps will certainly help you get closer!


Published: 3/28/2018 1:12 PM
# Comments: 0
1 - 3Next
Retrieving Data
Retrieving Data