The University of Southern Mississippi (USM) faces persistent cybersecurity threats, primarily through phishing scams and AI-driven deepfake attacks targeting students, faculty, and staff. iTech, USM’s IT division, reports that scammers exploit urgency tactics, fake job offers, and fraudulent giveaways to harvest sensitive data such as passwords, Social Security numbers, and login credentials. While no specific breach is detailed in the article, the risks include potential unauthorized access to university systems (SOAR, Canvas, Eagle Alert) and personal data leaks due to deceptive emails. The rise of AI amplifies threats by enabling hyper-realistic impersonation, increasing the likelihood of financial fraud or identity theft if victims comply with malicious requests. iTech mitigates risks through awareness campaigns and collaboration with external cybersecurity agencies, but the ongoing exposure to social engineering attacks poses a latent risk of data compromise or system infiltration.
Source: https://sm2media.com/37054/news/on-campus/usm-itech-offers-tips-for-national-cybersecurity-month/
TPRM report: https://www.rankiteo.com/company/usm-school-of-computing-sciences-and-computer-engineering
"id": "usm3374833102725",
"linkid": "usm-school-of-computing-sciences-and-computer-engineering",
"type": "Cyber Attack",
"date": "10/2004",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'customers_affected': 'Students, Faculty, Staff '
'(University Community)',
'industry': 'Higher Education',
'location': 'Hattiesburg, Mississippi, USA',
'name': 'University of Southern Mississippi (Southern '
'Miss)',
'type': 'Educational Institution'}],
'attack_vector': ['Phishing Emails',
'Social Engineering',
'AI/Deepfake Manipulation'],
'customer_advisories': 'Public tips shared via university communications '
'(e.g., email, website, interviews).',
'date_publicly_disclosed': '2023-10-01',
'description': 'During National Cybersecurity Month (October 2023), USM '
'iTech, the cybersecurity and IT support division of the '
'University of Southern Mississippi (Southern Miss), shared '
'awareness tips to help students and staff avoid phishing '
'scams, fraudulent job offers, and AI-driven threats like '
'deepfakes. The campaign highlighted common red flags in scam '
'emails, such as urgency, requests for sensitive information '
'(e.g., passwords, SSNs), mismatched credentials, and spelling '
'errors. iTech emphasized its collaboration with external '
'cybersecurity agencies to monitor emerging threats and '
'advised the university community to report suspicious emails '
'directly to their team. No specific incident or breach was '
'reported; the focus was on proactive education and '
'prevention.',
'impact': {'brand_reputation_impact': 'Positive (Proactive Awareness)',
'identity_theft_risk': 'Mitigated (via Education)',
'payment_information_risk': 'Mitigated (via Education)'},
'investigation_status': 'N/A (Preventive Campaign)',
'lessons_learned': ['Urgent requests for sensitive information are a major '
'red flag in phishing attempts.',
'AI and deepfakes increase the sophistication of social '
'engineering attacks, requiring multi-channel '
'verification.',
'Proactive education and collaboration with cybersecurity '
'agencies can mitigate risks before incidents occur.',
'Legitimate organizations (including universities) will '
'never request passwords or SSNs via email.'],
'motivation': ['Financial Gain', 'Data Theft', 'Fraud'],
'recommendations': ['Verify requests for sensitive information or financial '
'transactions through a secondary communication method '
'(e.g., phone call).',
'Report suspicious emails directly to IT/cybersecurity '
'teams instead of engaging with them.',
'Stay updated on emerging scams by following trusted '
'cybersecurity resources (e.g., DHS, National '
'Cybersecurity Alliance).',
"Be skeptical of 'too good to be true' offers (e.g., fake "
'job opportunities, giveaways).',
'Check for mismatched email addresses, spelling errors, '
'and digital credential inconsistencies.'],
'references': [{'date_accessed': '2023-10',
'source': 'University of Southern Mississippi (USM) iTech'},
{'date_accessed': '2023-10',
'source': 'U.S. Department of Homeland Security - National '
'Cybersecurity Month',
'url': 'https://www.cisa.gov/cybersecurity-awareness-month'}],
'response': {'communication_strategy': ['Public Awareness Campaign',
'Media Interviews (Allen Baxter, '
'David Sliman)',
'Direct Advisories to Students/Staff'],
'enhanced_monitoring': 'Ongoing threat intelligence sharing with '
'external agencies',
'third_party_assistance': 'Collaboration with external '
'cybersecurity agencies'},
'stakeholder_advisories': 'Students, faculty, and staff were advised to '
'report suspicious emails to iTech and follow best '
'practices for digital safety.',
'threat_actor': ['Unspecified Scammers', 'Opportunistic Cybercriminals'],
'title': 'National Cybersecurity Awareness Month - USM iTech Phishing and '
'Scam Awareness Campaign',
'type': ['Awareness Campaign', 'Phishing Prevention', 'Scam Education'],
'vulnerability_exploited': ['Human Error',
'Lack of Awareness',
'Trust in Urgent Requests']}