2025 - 2026 AY SpiderBytes

Expand All

  • June 2025

    Published Date(s): 6/11/2025
    Title: We All Scream for LastPass
    Message: This summer, treat yourself to peace of mind with LastPass—the scoop your passwords have been waiting for! LastPass is your digital vault, keeping your logins secure, organized, and always just a click away.

    Faculty and staff get access to LastPass Enterprise for University accounts, and as a cherry on top, LastPass Premium is free for personal use too!

    Use your Enterprise account for work logins only, and your Premium account for personal ones. You can even link them together for double the convenience in one sweet interface.

    Install the browser extension, let LastPass fill in passwords, and generate new, strong ones with zero brain freeze.
    Just remember:

    - Make your master password strong
    - Never share it
    - Don’t reuse it anywhere else

    Stay cool, stay secure—because cybersecurity should be as smooth as soft-serve.
    Website Link: https://spidertechnet.richmond.edu/TDClient/1955/Portal/Requests/ServiceDet?ID=35278

    Published Date(s): 6/18/2025
    Title: SpiderSecure Summer Tips
    Message: As we head into summer, it’s important to keep cybersecurity top of mind—whether you’re traveling, working remotely, or taking a break. Cyber threats don’t take vacations, so here are a few simple habits to help you stay secure:

    - Use strong, unique passwords for every account. Consider using a password manager like LastPass to keep them safe.

    - Enable multi-factor authentication (MFA) wherever possible—it adds a critical layer of protection.

    - Beware of public Wi-Fi. If you must connect, use a VPN to protect your data.

    - Keep software and devices updated to patch security vulnerabilities.

    - Be cautious with email and texts, especially those asking for sensitive information—phishing scams rise during travel seasons.

    Practicing these habits can help protect your personal and University data all summer long. Stay SpiderSecure and enjoy a secure break!
    Website Link: https://is.richmond.edu/infosec/index.html

    Published Date(s): 6/25/2025
    Title: June is National Internet Safety Month
    Message: School might be out, but hackers are always in session. June is National Internet Safety Month—a perfect time to level up your online security before heading off on summer adventures.
    Here’s how to keep your digital life safe:

    - Use strong, unique passwords for every account (a password manager like LastPass can help)

    - Turn on multi-factor authentication (MFA) for your email, social, and school logins

    - Avoid public Wi-Fi when logging into sensitive accounts—or use a VPN

    - Keep your phone, laptop, and apps updated

    - Be skeptical of unexpected texts, emails, or DMs—phishing is real

    Your personal data, schoolwork, and social accounts are all valuable targets. Taking a few minutes now can save you a lot of trouble later.

    So while you’re out soaking up the sun, make sure your online life is just as protected. 
    Website Link: https://is.richmond.edu/infosec/cybersecurity-awareness-education/cybersecuritybasics/index.html

  • July 2025

    Published Date(s): 7/22/2025
    Title: Stay Alert for Duo Push Fatigue
    Message: Cyber attackers are increasingly targeting users with Duo Push fatigue attacks—a method where repeated, unsolicited Duo authentication requests are sent to wear you down. The attacker hopes you’ll mistakenly approve one out of frustration or habit.

    If you receive a Duo Push notification that you didn’t initiate, do NOT approve it. Instead, tap "Deny" and select “It seems fraudulent.” This will alert a security team to investigate.

    To protect yourself:
    - Only approve Duo requests when you’re actively logging in.
    - Never approve a prompt you weren’t expecting—even if it seems legitimate.
    - Use the "Remember Me" feature on trusted devices to minimize prompts.
    - Report any suspicious activity to your campus IT/security team.

    Push fatigue attacks rely on human error. Your awareness and caution are your best defense. If it doesn’t feel right—don’t approve it.
    Website Link: https://spidertechnet.richmond.edu/TDClient/1955/Portal/KB/ArticleDet?ID=144939

    Published Date(s): 7/29/2025
    Title: Stop Duo Push Attacks
    Message: Have you received repeated Duo Push notifications without trying to log in? This could be a Duo Push fatigue attack—a technique where cybercriminals bombard you with prompts, hoping you’ll eventually click "Approve" by mistake.

    Don’t fall for it. If a push appears and you’re not logging in, tap "Deny" and mark it as fraudulent. This not only protects your account but helps alert IT to ongoing threats.

    Tips to stay secure:
    - Only approve Duo requests you initiate.
    - Use the "Remember Me" option on trusted devices to reduce prompt frequency.
    - Stay vigilant—if anything feels off, don’t approve it.
    - Report suspicious behavior to your IT/security team right away.

    These attacks work when users let down their guard. Stay alert and help protect your account, your data, and the entire campus community. When in doubt—deny the push.
    Website Link: https://spidertechnet.richmond.edu/TDClient/1955/Portal/KB/ArticleDet?ID=144939

  • August 2025

    Published Date(s): 8/5/2025
    Title: Quarantined Emails? Stop and Think Before You Click
    Message: If an email has been quarantined, it’s for a good reason. Our security systems flag these messages because there’s high confidence they contain phishing or spam content. Clicking links or downloading files from quarantined messages can put your personal data and university systems at risk.

    Unless you are highly sure that a quarantined email is legitimate—and you recognize the sender, expected the message, and see no signs of phishing—you should not release or interact with it.

    What you should do:
    - Don’t click links or open attachments from quarantined emails.
    - Only release emails if you are confident they are safe and expected.
    - If you’re unsure, forward the message or contact infosec@richmond.edu for help.

    Security filters are there to protect you. When in doubt, err on the side of caution.
    Website Link: https://spidertechnet.richmond.edu/TDClient/1955/Portal/KB/ArticleDet?ID=131024

    Published Date(s): 8/12/2025
    Title: Quarantined Emails Are Red Flags
    Message: When you receive a notice that an email has been quarantined, it’s because our system detected strong indicators of phishing or spam. These messages are blocked to protect you and the university’s network.

    Do not release, click, or download from a quarantined email unless you are highly confident it is legitimate. That means you were expecting the message, trust the sender, and see no signs of phishing (like urgency, misspellings, or suspicious links).

    To stay safe:
    - Avoid interacting with quarantined emails unless you’re certain they’re safe.
    - Contact infosec@richmond.edu if you have questions or want help reviewing a quarantined message.
    - Trust that quarantined emails are flagged for a reason—don’t override the warning unless you’re sure.

    One careless click can have serious consequences. Pause, review, and reach out if you’re not sure.
    Website Link: https://spidertechnet.richmond.edu/TDClient/1955/Portal/KB/ArticleDet?ID=131024