Mission Statement
The Information Security Office is committed to lowering the risk profile of the University’s electronic information by implementing industry best practices to protect the confidentiality, integrity, and availability of student, faculty, and staff information. We uphold the University’s compliance obligations by developing information security policies, providing security awareness training, and overseeing the implementation of strategic information security initiatives.
Scam of the Week
The Help Desk Hijacking
Imagine starting your workday to find your email inbox flooded with hundreds of junk emails all arriving at once. Before you can make any sense of the chaos, you receive a Microsoft Teams message from someone claiming to be from your organization's IT team, offering to step in and fix the problem. They send you a link to install a “Mailbox Repair Utility”.
But this IT helper is actually a cybercriminal running a carefully planned scam! Cybercriminals send you this mass influx of emails deliberately to create a sense of panic and make their offer to help you seem credible. If you click the link they sent, you'll be directed to a malicious webpage. Once on the page, you'll be instructed to enter your username and password to install the repair tool. However, this webpage is designed to steal your login information, and the "repair tool" is actually malware!
Follow these tips to stay safe:
- If you experience a problem with junk emails, contact your IT department directly through a verified channel. Don't respond to anyone who messages you unexpectedly and offers to help.
- You shouldn't click links or install software if someone messages you unexpectedly, even if they claim to work for your IT department. If you receive a suspicious message, be sure to report it.
- Remember, always stop and think before you act. Cybercriminals can attempt to trick you by creating a problem and then offering to help you “fix” it.
Time It Takes a Hacker to Brute Force Your Password in 2025
Hardware: 12 x RTX 5090 | Password hash: bcrypt(10)
| Number of Characters | Number Only | Lowercase Letters | Upper and Lower Case Letters | Numbers, Upper and Lowercase Letters | Numbers, Upper and Lowercase Letters, Symbols |
|---|---|---|---|---|---|
| 4 | Instantly | Instantly | Instantly | Instantly | Instantly |
| 5 | Instantly | Instantly | 57 minutes | 2 hours | 4 hours |
| 6 | Instantly | 46 minutes | 2 days | 6 Days | 2 weeks |
| 7 | Instantly | 20 hours | 4 months | 1 year | 2 years |
| 8 | Instantly | 3 weeks | 15 years | 62 years | 164 years |
| 9 | 2 hours | 2 years | 791 years | 3k years | 11k years |
| 10 | 1 day | 40 years | 41k years | 238k years | 803k years |
| 11 | 1 week | 1k years | 2m years | 14m years | 56m years |
| 12 | 3 months | 27k years | 111m years | 917m years | 3bn years |
| 13 | 3 years | 705k years | 5bn years | 56bn years | 275bn years |
| 14 | 28 years | 18m years | 300bn years | 3tn years | 19tn years |
| 15 | 284 years | 477m years | 15tn years | 218tn years | 1qd years |
| 16 | 2k years | 12bn years | 812tn years | 13qd years | 94qd years |
| 17 | 28k years | 322bn years | 42qd years | 840qd years | 6qn years |
| 18 | 284k years | 8tn years | 2qn years | 52qn years | 463qn years |
QR Code Phishing - 'Quishing'
Phishing Click Rates Triple in 2024
The Most Dangerous Pop Culture Passwords in 2024