| CARVIEW |
Safe computing is everyone’s responsibility
Information security plays a vital role in protecting the confidentiality, integrity, and availability of information at the University of North Carolina at Chapel Hill. To do that, we need you to be responsible users of the University’s network and computing resources. This website will provide you with guidance on important issues as you study, research, teach, and work at the University.
Latest News & Tips
Phish that Defeats MFA
We’re seeing an increase in phishing sent from trusted senders or organizations. When an adversary compromises an account, they may send phishing messages to the victim’s contact list. This technique defeats weaker, non phish-resistant, forms of MFA which includes telephony (voice call or text/sms) and app-based (push notification, with or without number match, or one-time passcodes). If you think you may have exposed your credential… Read More about Phish that Defeats MFA.
Phish with Captcha
In the phishing example below, an adversary has gained access to a trusted contact’s email (possibly they were the victim of a similar phish) and sent the following phish to members of their contact list. Here we’ll summarize specific red flags in each frame Be wary of changes in behavior. If the sender has never previously used this sharing method and/or if you’re not expecting… Read More about Phish with Captcha.
Phish with Encrypted Attachment
In the phishing example below, an adversary has gained access to a trusted contact’s email (possibly they were the victim of a similar phish) and sent the following phish to members of their contact list. Here we’ll summarize specific red flags in each frame Be wary of changes in behavior. If the sender has never sent a password protected PDF, this could be a red… Read More about Phish with Encrypted Attachment.
-
eMail Bomb
Did you suddenly start receiving hundreds of spam emails like new account registrations for sites you’ve never used, newsletter subscriptions you didn’t opt-in to, etc.? You may be the victim of email subscription bombing (T1667). What should I do? Contact UNC ISO via help.unc.edu (Report a Potential Cybersecurity Incident). Make sure to provide a call back number or periodically check the help.unc.edu portal for updates…. Read More about eMail Bomb.