Report An Information Security Incident

Overview

  • Minnesota State is committed to protecting the security and privacy of its information resources and to make information accessible to fulfill its mission of providing high quality higher education.
  • We want to hear from you any time an information security incident is suspected, attempted, successful, or there is an imminent threat of unauthorized access, use, disclosure, breach, modification, or destruction of information to include interference with information technology operations.

Phishing

The most frequent incidents reported are suspected email phishing attacks.

  • If you receive a suspicious email message that asks for personal information,
    • Outlook.com: If you receive a suspicious email message that asks for personal information, select the check box next to the message in your Outlook inbox. Select the arrow next to Junk, and then select Phishing.
    • Microsoft Office Outlook: While in the suspicious message, select Report message from the ribbon, and then select Phishing.
    • If you don’t have a report option:
      • Create a new, blank email message with the following recipient: phishing@stcloudstate.edu
      • Drag and drop the phishing message into the new message. This will save the junk or phishing message as an attachment in the new message.
  • If you believe your account has already been compromised as a result of a phishing attack, immediately request this service to get assistance or contact HuskyTech.
  • Indications of an account that is already compromised can include emails being sent from your email account that you did not send. Suspicious activity is an indicator that someone has unauthorized access to your account user name and password.

Other examples of information security incidents you should report:

  • Suspected unauthorized use of a computer system.
  • Unauthorized use of another user’s credentials or impersonating another University user.
  • Malicious threats, include computer viruses, trojans, worm and spyware.
  • Social engineering, phishing scams, compromised accounts
  • Loss or theft of computer equipment or other data storage devices and media (e.g., laptop, USB drive) used to store private or potentially sensitive information
  • Unauthorized access to sensitive information, such as Social Security numbers or restricted research data, whether intentional or accidental.

Benefits

  • It is important to report actual or suspected security incidents as early as possible so the University can prevent or limit the impact.
  • Trend analyses of the collected information can be performed, allowing the University to focus preventative efforts on areas of most concern.
  • Investigations (where appropriate) can be performed, and action is taken to prevent a recurrence of the incident.

Resources

 
Request Service

Details

Service ID: 45462
Created
Fri 8/28/20 12:28 PM
Modified
Mon 11/30/20 1:21 PM