Protect Yourself and the University: Enroll in 2-Step Verification today!

The University and its employees are targets for sophisticated attacks seeking both sensitive data, cutting edge research, and your money. A School of Medicine colleague was recently a victim of attempted financial fraud.  Sophisticated attackers had acquired biographical information, such as last four digits of social, about the colleague and was able to convince the IT Help Desk to change the password for his account. The attackers logged into the email account and used personal financial information stored in the mailbox to commit significant financial crime by fraudulently charging $25k+ in airline tickets to the SOM colleague's credit card. Read more for information on how can you protect yourself and your data.

Protect Yourself and the University: Enroll in 2-Step Verification today! click to enlarge Enroll in 2-step verification today!

ITS 2 Step Verification Office365


There are a few measures you can do to protect your
 identity and your data: 

  • Sign up for all appropriate 2-step authenticators at UNC and UNC Health Care to protect your email and data.  For UNC email and data go to https://its.unc.edu/2-step/ and follow links to configure Duo and Microsoft MFA.  For UNC Health Care go to: https://go.unch.unc.edu/duo 

  • Be vigilant in responding to emails that request that you urgently log-in to a web site that claims to be from the University.  The required HIPAA Security and Privacy training has a great section on recognizing these phishing emails.  Please check this URL to learn more about phishing emails:  https://help.unc.edu/help/recognizing-and-reporting-fraudulent-emails/ 

  • Protect your personal information on social media platforms to make it harder to learn about you.  The University is seeing industrial scale attacks with foreign actors using information from identity thefts to manipulate business practices (e.g. password resets) to commit fraud. 

  • Use different passwords for each of your accounts (Facebook, Gmail, Online Banking, Onyen, etc.) to limit the risk of one compromise (e.g. Gmail) leading to compromise of all of your other accounts (e.g. Onyen).

 If you’d like to have a discussion to learn more about these items, please contact the UNC School of Medicine IT service desk at help.med.unc.edu.

Filed under: , ,