Additional ITS Security Measures

Information Technology Services (ITS) is implementing additional security measures to protect University resources and the user community from malicious activity such as phishing email:

  • Beginning Monday, Nov. 30, emails received from non-University accounts will have a yellow banner displayed at the top of the message. The banner will contain text indicating the email originated from outside of the University, making it easier to identify external senders especially on phones and devices where complete sender information may not be readily visible. The banner is a reminder to be extra vigilant toward messages from external senders. More information about the external email banner is available at memphis.edu/its/security/email-banners. NOTE: Emails from external University business partners may be excluded from receiving the external email banner. University offices wishing to request an exception for external business partners should contact the ITS Service Desk as indicated below.
  • Beginning Jan. 25, 2021, multi-factor authentication (Duo) will be required for all University student and employee accounts. Students are encouraged to enroll now by visiting iam.memphis.edu/duo. Duo provides a second form of verification in addition to a password when logging in. Users are encouraged to install the Duo mobile app. You can learn more about Duo at memphis.edu/duoBeginning Feb. 1, 2021, ITS will fully enforce the requirement to use Duo, and users not enrolled in Duo will be unable to log in to University resources.

Also, employees are reminded to regularly review the IT Security Policies and Guidelines page as well as the Guidelines for Storage of University Electronic Data page for appropriate storage services and locations for all classifications of University data.

For assistance, please contact the ITS Service Desk by visiting umhelpdesk.memphis.edu, emailing umtech@memphis.edu, or calling 901.678.8888.

ITS Security Alert 11/13/2020

Information Technology Services (ITS) is providing the following alert to warn against fraudulent email scam attempts targeting UofM email accounts. In some cases, emails are sent from a fake email account of University leadership or a supervisor to employees of a department. These emails typically begin with a phrase such as “Are you available?” or similar language and try to build a sense of urgency by stating the sender is in a meeting and needs an urgent errand to be completed. The sender is ultimately trying to trick the recipient into purchasing gift cards with the recipient’s personal funds and provide the gift card codes via email or text messages. In some cases, the urgent message may request a personal cell number where the attacker seeks to gain additional information about the victim including the possibility of exploiting the cell phone.

If you receive a suspicious email involving cash disbursement, gift card purchases, transfer of funds or any other financial activity that purports to be from a University official, or if you are asked to provide personal information via email, carefully review the email before responding and follow up with a phone call to the appropriate office to confirm the authenticity of the request. Forward suspicious emails to abuse@memphis.edu. If you receive an urgent request after hours and are unable to confirm the authenticity of the request, please follow up on the next business day. Taking a moment to confirm the email’s authenticity will help protect you and the University.

Note that the same methods used in email attacks can also be used via telephone calls. If you receive a phone call using similar tactics, do not feel pressured to respond immediately. Instead, request the caller’s contact information, seek validation of the request and return the call later if appropriate.

Remember to treat unsolicited job opportunities, special offers and unexpected email attachments with skepticism. Even if the message appears to come from a trusted individual, be mindful of language or addresses used in the message and be suspicious if they don’t match what you typically receive from the individual. If you receive any email message that has a suspicious attachment or asks you to take a questionable action, please report the message via email at abuse@memphis.edu or over the phone by calling the ITS Service Desk at 901.678.8888.