Increase in unauthorized access attempts on UCCS accounts

The Offices of Information Technology and Human Resources have noticed an uptick in attempts to gain unauthorized access to UCCS accounts. These attempts result from phishing emails and some basic social engineering techniques used to gather employee and account information.

The attackers’ goal in these latest cases is to access your UCCS and CU Portal accounts. Thanks to our security protocols, we believe their success rate has been limited, and where they have gained access, additional security measures alerted the employee to any changes that were attempted.

The attacks we’ve seen recently involve callers contacting OIT or HR and providing just enough personal information to obtain additional information, which they then use to gain access to these accounts. Often, scammers can get this personal information from social media and use it to effectively verify their identity as the person they’re targeting.

In response to these breach efforts, IT and HR will increase their requirements for anyone trying to obtain information about their own records or reset their passwords, including, but not limited to, resetting MFA only during normal business hours. Please be patient with these increased security requirements, as they are intended to protect you and your personal information.

Some ways to prevent these sorts of attacks on your account:

  • Use multi-factor authentication, via Microsoft Authenticator.
  • Make your social media posts only accessible to people you know, and keep sensitive personal information (such as birthdays, current workplace with dates of employment, full names, and addresses) private or don’t enter it into social media at all. LinkedIn and Facebook users especially should take a second look at what they have displayed publicly.
  • Make periodic checks of your direct deposit information.
  • Never share your passwords with anyone.
  • Don’t use the same password for multiple accounts and websites.
  • Change your passwords often.

If you have any questions about safeguarding your accounts, please contact [email protected] or [email protected].