Secure UD News:
Secure UD is the University of Delaware's comprehensive,
community-oriented information security initiative. Raising
awareness of cyber issues equips and empowers the University
community to make informed, security-conscious decisions in
their personal and work lives.
January is the beginning of tax scam season
Although the IRS will not accept tax returns until Jan. 23,
scammers are preparing to race you to file your return! All
taxpayers, including members of the UD community, must be aware
of scams and should protect themselves. Any taxpayer could be at
risk of fraudulent returns
being filed in their name. Scammers
only need limited information—like your name, birthdate, and
social security number—to file fake returns. If they file a
fake return using your SSN, you will be blocked from filing your
own tax return until you work with the IRS to resolve the
Similarly, all taxpayers should watch out for phishing
scams in which imposters pose as the IRS and call or email
demanding money. The IRS never calls or emails taxpayers about
taxes owed or delinquent payments.
Finally, all UD employees who process HR or payroll data should
watch out for suspicious emails requesting employees' W2 forms
at many prominent companies have fallen for this scam and released
employee W2 data—thereby revealing employee SSNs and
to the scammers. Other universities are reporting that their HR
staff are seeing this scam, too.
What can you do to avoid being a victim of a tax scam?
- File your taxes early. Scammers cannot use your SSN to file a
return if you have already filed yours.
- Be wary of any communication requesting your personal
information. Always verify the sender before responding or
taking action, especially if they're asking for
personal information. Consult the IRS Tax Scams/Consumer Alerts page for
- Remember that the IRS will contact you by letter if there is a
problem with your return. A call or email, especially a
threatening one, is likely a scam.
This tax season, file early and be alert. If something looks or
fishy, report it to the IRS
action! File your federal and state tax returns as
early as possible.
2FA to be required on HR, payroll, other confidential online forms in February
Two-factor authentication (2FA)
is a simple way to protect your UDelNet account and the information it contains. It helps block unauthorized access to your account by adding an extra layer of security to the traditional login process. Over the past year, the University has been adding 2FA protection to more services and accounts.
In early February 2017, 2FA will begin protecting online HR and payroll forms that employees use to transmit confidential information (bank accounts, SSNs, private contact information) and forms that students use to process certain financial aid transactions. By adding the requirement that people use 2FA to access these forms, the University is reducing the risk that students’ and employees’ financial accounts and personal information could be compromised. All UD employees are encouraged to sign up for 2FA before Feb. 6, 2017.
Over 10,700 members of the University community have signed up
for 2FA protection.
All UD graduate students are using 2FA, and we plan to have all
undergraduate students using 2FA by January 2018.
Learn more about 2FA
and enroll today.
Last call to complete your 2016 Secure UD Training
Employees are the University's strongest asset. To cyber
criminals, however, an organization's employees often represent
the weakest link in the security chain.
Your security awareness is essential to preventing our University and our
community from being victimized by a cyber attack. Participating
security training helps raise your awareness of cyber threats
and best practices to combat those threats, helping transform our
community into a strong cyber defense.
Secure UD Training
uses short, topical training videos to address key ideas in information security. These training videos can fit into a deskside lunch break or a brief break between emails. University employees are encouraged to complete Secure UD Training to better equip themselves to face cyber threats in their personal and professional lives.
If you have not already done so, we urge you to join your colleagues in creating a culture of security awareness at UD by completing your 2016 Secure UD Training.
2017 Secure UD training will launch
in late February.
Secure UD Training is refreshed annually to help the University
community stay aware of current cyber threats so that each
employee can play an active role in protecting our University
and our community.
Departments can request Secure UD Training completion reports by emailing a
request to firstname.lastname@example.org.
Complete your Secure UD Training
Do you back up your computers?
Many people overlook the importance of
backing up files
regularly—until they have a disaster and lose their
work. Backing up your work also protects the integrity of your
information in case of a drive failure. In addition, having a
secure backup copy of your system is one of the best
defenses against malware and ransomware infections.
UD IT recommends backing up your personal and family systems
with software like Code42's CrashPlan.
Anyone with an @udel.edu email address—students,
staff, and faculty—can save 25% on one-year plans
for Code42's CrashPlan for Home. For information
about purchasing CrashPlan for Home for your personal and
family computers, consult
the Buy Personal page
at the UD Computing Purchases website.
You can back up your UD files using Google Drive or by making
sure your work files are stored on a departmental server that is
backed up regularly. (Consult your departmental or college IT
staff for more information. Departments can choose to enroll in UD IT's central backup service
or may be running
their own backup service.) In addition,
UD IT staff are implementing a
pilot Code42 CrashPlan deployment on select
Visit the UD Buy Personal page
for information about CrashPlan
Secure UD Threat Alerts
The Secure UD Threat Alerts blog
provides bulletins about cyber threats seen on campus, including phishing scams targeting the University community.
Stay informed by
checking the Secure UD Threat Alerts blog