The Phish Market is a list of recent emails that were reported to the KSU Office of
Cybersecurity as possible phishing attempts on the University community. The Office
of Cybersecurity has confirmed these messages as malicious phishing attempts. If you
have received an email that you believe may contain a phishing attempt, it is possible
that some of the language and links differ from similar messages posted on the Phish
Market. It is not uncommon for malicious actors to create variant messages.
We update this list regularly but it is possible that you received the message before it is published to the Phish Market. If you mistakenly provided credentials to a confirmed phishing email, please change your NetID password immediately at https://netid.kennesaw.edu. If you receive a suspicious email not in the Phish Market, please forward it to firstname.lastname@example.org.
Email is the official method of communication at Kennesaw State University. All announcements and business related correspondence are conducted through official Kennesaw State University email accounts. Any email claiming to be an employee of the university that does not originate from an “@kennesaw.edu” address should be held in suspicion, especially if it claims to be from a person of leadership. Please follow the reporting instructions above if you receive suspicious emails that meet these criteria.
Phishing Update - March 2020
In order to provide additional safeguards against phishing attempts, UITS has implemented the following measures:
- Adding the word [EXTERNAL] to all emails originating outside of KSU
- A short warning at the bottom of the email body for emails originating outside of KSU
In the last year a number of USG institutions, including KSU, suffered financial losses due to malicious individuals impersonating university employees or financial institutions. There were multiple incidents on the KSU campus alone contributing to financial losses. These additions will help identify emails that came from a non-kennesaw.edu email address and reduce the risks associated with these types of phishing attacks.
Additional supporting information:
- Financial fraud via email phishing continues to be a threat to institutions around the state including KSU.
- The FBI reported 23,775 business email compromise incidents in 2019 resulting in financial losses of more than $1.7 billion
- In 2019, the FBI received an average of 1,200 complaints per day regarding fraudulent financial activity, with email phishing remaining the #1 crime type for the third year
- Georgia ranked #13 in victims per State, and #11 in financial loss per State
Cyber Security Smart Cookie Award
In recognition of National Cybersecurity Awareness Month, UITS is proud to announce the launch of the Cybersecurity Smart Cookie Award. The award is a small token of appreciation for those individuals who have contributed to the cybersecurity of Kennesaw State University through their proactive action, ultimately assisting UITS in the detection and management of risks.
And, for the month of October, the Department with the highest percentage of cybersecurity smart cookie award winners will be awarded a Great American Cookie on October 31st!
Cyber Security Digital Badge
Show your friends and colleagues your "cyber-prowess!" You can earn digital badges to be awarded based upon completing cyber-security-related activities. Each activity is associated with increasing awareness of cyber security threats. Each badge level will reinforce your critical role as a user in the security of institutional information and systems. Each badge expires annually.