Mission Statement
The Information Security Office is committed to lowering the risk profile of the University’s electronic information by implementing industry best practices to protect the confidentiality, integrity, and availability of student, faculty, and staff information. We uphold the University’s compliance obligations by developing information security policies, providing security awareness training, and overseeing the implementation of strategic information security initiatives.
Scam of the Week
Genuine Alert, Fake Emergency
In this week's scam, cybercriminals are using fake purchase alerts to target Apple users. You receive what appears to be a genuine Apple email that says, "Your Apple Account information has been updated." It states that someone used your account to purchase an iPhone and includes a phone number to call to cancel the order. Since you didn't authorize this purchase, you may be tempted to call the number immediately.
If you call the number in the email, you'll be connected to a "support person" who will tell you that your account has been compromised. But this email is a phishing scam, and the “support person” is actually a cybercriminal! They'll ask you to provide your financial information so that they can fix the problem, or they may ask you to install software that will allow them to access your device. They can then use that information or software to steal your money or personal data!
Follow these tips to avoid falling victim to this phishing scam:
- If you receive an unexpected email claiming that someone used your Apple account to make a purchase, do not call any phone number listed in the email. Instead, go directly to Apple's official website or open the Settings app on your device to check your account activity.
- Read emails carefully, even if they seem to come from a legitimate source. Unusual formatting or grammatical errors can be warning signs of a phishing email.
- Always stop and think before you act! Cybercriminals often create a sense of urgency to try and pressure you into making fast decisions.
Time It Takes a Hacker to Brute Force Your Password in 2025
Hardware: 12 x RTX 5090 | Password hash: bcrypt(10)
| Number of Characters | Number Only | Lowercase Letters | Upper and Lower Case Letters | Numbers, Upper and Lowercase Letters | Numbers, Upper and Lowercase Letters, Symbols |
|---|---|---|---|---|---|
| 4 | Instantly | Instantly | Instantly | Instantly | Instantly |
| 5 | Instantly | Instantly | 57 minutes | 2 hours | 4 hours |
| 6 | Instantly | 46 minutes | 2 days | 6 Days | 2 weeks |
| 7 | Instantly | 20 hours | 4 months | 1 year | 2 years |
| 8 | Instantly | 3 weeks | 15 years | 62 years | 164 years |
| 9 | 2 hours | 2 years | 791 years | 3k years | 11k years |
| 10 | 1 day | 40 years | 41k years | 238k years | 803k years |
| 11 | 1 week | 1k years | 2m years | 14m years | 56m years |
| 12 | 3 months | 27k years | 111m years | 917m years | 3bn years |
| 13 | 3 years | 705k years | 5bn years | 56bn years | 275bn years |
| 14 | 28 years | 18m years | 300bn years | 3tn years | 19tn years |
| 15 | 284 years | 477m years | 15tn years | 218tn years | 1qd years |
| 16 | 2k years | 12bn years | 812tn years | 13qd years | 94qd years |
| 17 | 28k years | 322bn years | 42qd years | 840qd years | 6qn years |
| 18 | 284k years | 8tn years | 2qn years | 52qn years | 463qn years |
QR Code Phishing - 'Quishing'
Phishing Click Rates Triple in 2024
The Most Dangerous Pop Culture Passwords in 2024