Mission Statement
The Information Security Office is committed to lowering the risk profile of the University’s electronic information by implementing industry best practices to protect the confidentiality, integrity, and availability of student, faculty, and staff information. We uphold the University’s compliance obligations by developing information security policies, providing security awareness training, and overseeing the implementation of strategic information security initiatives.
Scam of the Week
A File From a “Friend”
You receive a message on WhatsApp, a popular app for sending instant messages. It’s from someone you know, such as a colleague, a friend, or even a family member. They've sent over an attachment that appears to be a business document, like a billing statement, payment record, or an account notice. It's unusual for them to send you something like this, but since it's from someone you trust, you might think it’s safe to open it.
Even though the message you received came from someone in your contacts list, it’s actually a phishing scam! Your contact may not even be aware that it was sent. If cybercriminals are able to gain control of someone else’s WhatsApp account, they can use it to send you messages, like this one. If you open the file, malware will be installed that gives cybercriminals full remote access to your device. They can view your screen and control your computer as if they were sitting right in front of it!
Follow these tips to avoid falling victim to this phishing scam:
- Be cautious of any unexpected files sent via WhatsApp or other messaging apps, even if they appear to come from someone you know. If a contact sends you a file out of the blue, reach out to them through a separate channel, such as a phone call or another app, to verify it.
- Remember that files can be disguised to look like ordinary documents. If you receive something that feels out of place for the person who sent it, like a billing statement from a personal contact, trust your instincts and don't open it.
- Always stop and think before you act! Cybercriminals can sometimes gain access to the accounts of trusted contacts and make phishing attacks seem more believable.
Time It Takes a Hacker to Brute Force Your Password in 2025
Hardware: 12 x RTX 5090 | Password hash: bcrypt(10)
| Number of Characters | Number Only | Lowercase Letters | Upper and Lower Case Letters | Numbers, Upper and Lowercase Letters | Numbers, Upper and Lowercase Letters, Symbols |
|---|---|---|---|---|---|
| 4 | Instantly | Instantly | Instantly | Instantly | Instantly |
| 5 | Instantly | Instantly | 57 minutes | 2 hours | 4 hours |
| 6 | Instantly | 46 minutes | 2 days | 6 Days | 2 weeks |
| 7 | Instantly | 20 hours | 4 months | 1 year | 2 years |
| 8 | Instantly | 3 weeks | 15 years | 62 years | 164 years |
| 9 | 2 hours | 2 years | 791 years | 3k years | 11k years |
| 10 | 1 day | 40 years | 41k years | 238k years | 803k years |
| 11 | 1 week | 1k years | 2m years | 14m years | 56m years |
| 12 | 3 months | 27k years | 111m years | 917m years | 3bn years |
| 13 | 3 years | 705k years | 5bn years | 56bn years | 275bn years |
| 14 | 28 years | 18m years | 300bn years | 3tn years | 19tn years |
| 15 | 284 years | 477m years | 15tn years | 218tn years | 1qd years |
| 16 | 2k years | 12bn years | 812tn years | 13qd years | 94qd years |
| 17 | 28k years | 322bn years | 42qd years | 840qd years | 6qn years |
| 18 | 284k years | 8tn years | 2qn years | 52qn years | 463qn years |
QR Code Phishing - 'Quishing'
Phishing Click Rates Triple in 2024
The Most Dangerous Pop Culture Passwords in 2024
