IS Security SpiderBytes

Published Date(s): 10/1/2025
Title: October is Cybersecurity Awareness Month
Message: October is Cybersecurity Awareness Month. This year the theme is “Stay Safe Online”. Throughout the month we will be communicating awareness about the importance of cybersecurity and secure online tips. Even more, we will hosting a number of SpiderSecure events, including a Cybersecurity Awareness Fair, the 2025 Capture the Flag event, and a month long SpiderSecure Scavenger Hunt.

The below tips will help you stay safe online and stay SpiderSecure!

-Use strong passwords and a password manager
-Enable multi-factor authentication
-Recognize and report scams
-Update your software

Stay cool, stay secure—because cybersecurity should be as smooth as soft-serve.
Website Link: https://www.staysafeonline.org/cybersecurity-awareness-month

Published Date(s): (10/2/2025 | 10/3/2025)
Title: SpiderSecure Scavenger Hunt Kickoff
Message: Information Services (IS) Security team is kicking off Cybersecurity Awareness Month with a SpiderSecure scavenger hunt. Throughout the month there will be a number of SpiderSecure events and tips shared through Spiderbytes. Some will have codes attached to them, so be sure to read them all and collect the (4) codes.

Who: UR faculty, staff, students
What: SpiderSecure Scavenger Hunt
Where: Spiderbytes (via email)
When: Wednesday, October 2nd to Friday, October 31st
Why: To highlight SpiderSecure events and tips for October is Cybersecurity Awareness Month
How: Look out for SpiderBytes from IS Security and collect all (4) embedded hexadecimal codes.

Prizes: The first student and first faculty or staff member to email all (4) codes to IS Security (infosec@richmond.edu) will each be awarded a special prize.
Website Link: https://is.richmond.edu/infosec/index.html

Published Date(s): Published every Tuesday starting on 10/7/2025 until 10/21/2025
Title: Signup for 2025 Capture the Flag event
Message: Are you interested or curious about cybersecurity? Then sign up for the 2025 Capture the Flag event. The four-day challenge runs from Friday, October 24th 4PM EST to Monday, October 27th 4 PM EST and can be played at your own pace.

Who? UR Faculty, Staff, & Students
What? 2025 Capture the Flag event & Win Prizes
Where? Online
When? Friday, October 24th 4 PM EST to Monday, October 27th 4 PM EST
How? With a team up up to (4) players, a laptop, internet, and at your own pace

Prizes TBD and will be awarded to the categories below.

-First Place Student Team
-First Place Faculty/Staff
Website Link: https://mctf.io/uofrichmond

Published Date(s): 10/17/2025 - Publish w/ Code| 10/22/2025
Title: Cybersecurity Awareness Fair
Message: Come join us at the HDC lobby area on Wednesday, October 22nd, from 11:30 AM to 1:30 PM to celebrate National Cybersecurity Awareness Month! We will provide cybersecurity recommendations and tools to help you secure your digital life as well as have our popular password strength testing station. Additionally, we will be sharing information on how you and your friends can compete in the 2025 Capture the Flag event. Stop by our booth to get some security stickers and candy! Bring a friend, learn something new, and keep being Spider Secure!

Location: Heilman Dining Center (HDC) Lobby
Website Link: https://is.richmond.edu/infosec/events/index.html

Published Date(s): 10/24/2025
Title: Ready, Set, Capture the Flag Event
Message: Today is the day to get ready, set, and capture some flags! The 2025 Capture the Flag event begins at 4PM today. You and your team (up to a total of 4 members) can begin solving and capturing flags. If you have not signed up yet, you can register at any point during the event. The first-place student team and the first-place faculty/staff team will each receive individual Spider Secure t-shirts as well as a security swag bag in recognition. All faculty, staff, and students who participate and complete at least one challenge will receive a Certification of Completion and be eligible to be entered into a raffle to win some cybersecurity goodies. Good luck this weekend and have fun!

Website Link: https://is.richmond.edu/infosec/events/2025-capture-the-flag-ctf.html

Published Date(s): 11/5/2025 | 11/7/2025
Title: Travel & Security (Optional Training)
Message: Whether you’re traveling for business or leisure, protecting your devices and online privacy is essential. The Travel & Security training, available through Workday Learning, provides practical tips to help you stay secure on the go. Through the SpiderSecure training video, you’ll learn simple but powerful steps to safeguard your data — from creating strong passwords and enabling multi-factor authentication to backing up your files and using a VPN on public Wi-Fi.

This short, optional course is a great way to build your security awareness and travel with confidence.

Remember: Travel smart, travel secure, and stay Spider Secure!
Website Link: https://is.richmond.edu/infosec/cybersecurity-awareness-education/traveltech.html

Published Date(s): 11/17/2025
Title: 2026 Cybersecurity Awareness Training
Message: The IS Security team is excited to announce the upcoming 2026 Cybersecurity Awareness Training launching in January 2026! These new trainings will be introduced as micro-trainings with engaging and relevant security topics to help you make cybersecurity a daily habit.

Every month an optional training will be posted and required trainings for faculty and staff will be assigned each quarter. Be on the lookout for the 2026 trainings to be posted to your Workday Learning account, where all assigned modules will appear once the program launches.

Assigned training will highlight current security topics—including phishing trends, data protection, and safe online practices—helping you stay informed and prepared against evolving threats. The new format is flexible, easy to complete, and focused on practical skills you can apply right away.

Thank you for doing your part to Stay Spider Secure!
Website Link: https://is.richmond.edu/infosec/cybersecurity-awareness-education/index.html

Published Date(s): 11/24/2025
Title: 2026 Cybersecurity Awareness Training
Message: The IS Security team is excited to announce the upcoming 2026 Cybersecurity Awareness Training, launching in January 2026! These new trainings will be introduced as micro-trainings with engaging and relevant security topics to help you make cybersecurity a daily habit.

Every month, an optional training will be posted, and required trainings for faculty and staff will be assigned each quarter. Be on the lookout for the 2026 trainings in your Workday Learning account, where all assigned modules will appear once the program launches.

Assigned training will highlight current and emerging security topics—including phishing and spearphishing, social engineering and oversharing, vishing and smishing, tailgating, strong passwords, multi-factor authentication (MFA), AI and deepfakes, physical and remote security, FERPA and PII protection, and other trending threats. The new format is flexible, easy to complete, and focused on practical skills you can apply right away.

Thank you for doing your part to Stay Spider Secure!
Website Link: https://is.richmond.edu/infosec/cybersecurity-awareness-education/index.html

Published Date(s): 12/4/2025
Title: 
Message: As you prepare for the holiday break stay aware of possible cyber threats. One of those is a growing threat called an MFA fatigue attack. Spiders use MFA DUO to authenticate to the UR network and this can lead to a potential MFA fatigue attack. This occurs when a cybercriminal—after obtaining a user’s password—floods their device with repeated MFA push notifications. The attacker’s goal is to wear the user down until they accidentally or reluctantly tap “Approve.” When this happens, the attacker can gain full account access.

Be on the lookout for:
- Multiple MFA prompts sent back-to-back.
- MFA prompts for unfamiliar apps or locations.
- Login approvals that feel urgent, pressured, or out of the ordinary.
- Requests that appear late at night or while you’re not logging in.

Keep preparing for the holiday break and stay SpiderSecure!
Website Link: https://is.richmond.edu/infosec/index.html

Published Date(s): 12/5/2025
Title: Travel & Security Quick Tips
Message: As you prepare for holiday travels here are some cybersecurity tips we recommend especially for international travel. These guidelines are not foolproof, but every additional measure taken can help you stay Spider Secure!

- Change your passwords or passphrases before you go. Consider using a password manager, such as LastPass® if you do not currently use one.
- Delete apps you no longer use.
- Update any software, including antivirus protection, to make sure you are running the most secure version available.
- Turn off Wi-Fi and Bluetooth to avoid automatic connections.
- Turn on device tracking and/or remote wiping options in case it is lost or stolen.

By using these tips, you will make it harder for cyber criminals to ruin your holiday spirit!
Website Link: https://is.richmond.edu/infosec/cybersecurity-awareness-education/traveltech.html

Published Date(s): 12/10/2025
Title: Holiday Gifts Not Scams
Message: The holiday season can be a busy time filled with travel, celebrations, and gift-giving. However, it’s also peak season for cybercriminals looking to take advantage of the hustle and bustle. As you shop, travel, or sell items online, please take a moment to stay alert and protect yourself from scams designed to steal your money, information, or holiday cheer.

Cybercriminals often send fake shipping notices, order confirmations, or payment requests to trick you into clicking harmful links.

- Hover over links to check the real URL before clicking
- When in doubt, go directly to the shipper’s website and enter the tracking number manually
- Enable multi-factor authentication (MFA) on your accounts for an added layer of protection
- Be cautious of unexpected messages urging quick action or offering deals that seem too good to be true

Stay safe, stay aware, and enjoy a scam-free holiday season!
Website Link: https://is.richmond.edu/infosec/cybersecurity-awareness-education/index.html

Published Date(s): 12/11/2025
Title: Be Wary of MFA Fatigue Attacks
Message: If you receive MFA push notifications you didn’t expect, it’s important to recognize the signs of a possible MFA fatigue attack. Cybercriminals often rely on confusion and repetition to trick users into approving a login they didn’t initiate.

To help you stay secure, here are a few important steps you can take to minimize the risk of MFA fatigue attacks.

- Use strong, unique passwords for each account.
- Turn on number-matching MFA if available to prevent one-tap approvals.
- Never approve an MFA request you didn’t initiate—always deny suspicious prompts.
- Reset your password immediately if you receive repeated unexpected MFA notifications.
- Enable login alerts so you can quickly spot unfamiliar activity.
- Keep your devices and apps up to date to ensure the latest security protections.

Enjoy the holiday break and stay SpiderSecure!
Website Link: https://is.richmond.edu/infosec/index.html

Published Date(s): 12/17/2025
Title: Have a SpiderSecure Holiday!
Message: The holiday season is here along with flights, shopping, decorating, and delicious food. Enjoy spending time with family and friends while remembering to Secure Your Holiday Season with these simple tips.

During the holidays, cybercriminals ramp up their efforts—especially through gift card scams. Be cautious of unexpected messages asking you to buy gift cards or share card numbers and PINs. Legitimate organizations and coworkers will never request payment this way, and any urgent or pressured demand is a major red flag.

Holiday travel and new tech devices also create opportunities for attackers. Before you hit the road, secure your devices by enabling passcodes, installing updates, and turning on multi-factor authentication. Avoid using public Wi-Fi for sensitive activities, and consider a VPN when traveling. If gifting or receiving new devices, update default passwords, install security patches, and review privacy settings right away.
A few simple steps can help you stay safe this season.

Enjoy the holidays and stay SpiderSecure!
Website Link: https://is.richmond.edu/infosec/cybersecurity-awareness-education/index.html

Published Date(s): 12/18/2025
Title: Pause before you Tap!
Message: To help you stay secure, here are a few important steps you can take to minimize the risk of MFA fatigue attacks. These simple practices add strong layers of protection to your account.

Recommended security actions:
- Use strong, unique passwords for each account.
- Turn on number-matching MFA if available to prevent one-tap approvals.
- Never approve an MFA request you didn’t initiate—always deny suspicious prompts.
- Reset your password immediately if you receive repeated unexpected MFA notifications.
- Enable login alerts so you can quickly spot unfamiliar activity.
- Keep your devices and apps up to date to ensure the latest security protections.

Lastly, pause before you tap and stay Spider Secure!
Website Link: https://is.richmond.edu/infosec/index.html