IS Security SpiderBytes

Published Date(s): 1/8/2026
Title: Research Opportunity Scam Emails
Message: Students have received scam and phishing emails impersonating University officials and faculty members. These messages promote fake research opportunities, employment offers, or urgent requests and may be sent to university or personal email accounts.

Please use caution with unexpected messages requesting quick action, sensitive information, or communication outside normal University channels. When in doubt, do not respond. Instead, verify the message directly with the individual using a trusted, separate communication channel (e.g. phone call). Otherwise forward the message to the UR Information Security spam reporting mailbox at spam@richmond.edu and someone from the Information Security team will review the email.

Your cybersecurity awareness helps protect the University community.

Stay Aware, Stay SpiderSecure!
Website Link: https://is.richmond.edu/infosec/index.html

Published Date(s): 1/9/2026
Title: Fake Windows Blue Screen Cyber Attack Update
Message: A recent cyber threat known as a “ClickFix” attack is using fake Windows “Blue Screen of Death” (BSOD) messages to trick users into installing malware. These messages closely resemble legitimate system errors and urge users to act quickly to “fix” the problem.

This tactic relies on urgency and familiarity with system messages, making it especially effective in busy higher education environments. Once installed, the malware may steal credentials, allow unauthorized remote access, and potentially lead to further compromise of systems and data.

Recommended Prevention Tips
- Never run PowerShell or Command Prompt commands from pop-ups or websites.
- Be cautious of unexpected error or crash messages. When in doubt, contact the Help Desk at 804-287-6400.
- Keep your device and browser up to date
- Report suspicious activity to Information Security (infosec@richmond.edu) or the Help Desk at 804-287-6400 immediately.
Website Link: https://www.bleepingcomputer.com/news/security/clickfix-attack-uses-fake-windows-bsod-screens-to-push-malware/

Published Date(s): 1/16/2026 | 1/21/2026
Title: January Flash Capture the Flag (CTF) 
Message: MetaCTF is hosting a January Flash Capture the Flag (CTF) competition on Thursday, January 22, from 5–8 PM ET. This fast-paced event is open to teams of any size and is a great opportunity to test and sharpen your cybersecurity skills in a competitive, hands-on environment. Registration is now open at https://mctf.io/jan2026.

In addition to our standard prizes from Antisyphon Training, Simply Cyber Academy, and TCM Security, the top five U.S.-based individual performers will earn an all-expenses-paid trip to the CyberBay Conference in Tampa, Florida, taking place March 11–13, 2026. Winners will also compete in an onsite CTF for a share of over $40,000 in cash prizes.

We’re also hosting an in-person happy hour in Washington, DC, on Friday, January 23, ahead of DistrictCon. If you’re local or attending, we’d love to connect. Reserve your spot at https://luma.com/3jqv9w96.

Good luck—and stay SpiderSecure!
Website Link: https://mctf.io/jan2026

Published Date(s): 1/22/2026
Title: LastPass Users Targeted
Message: On or around Monday, January 19, LastPass reported that some of its users were targeted by phishing emails urging them to back up their password vaults. These messages were not legitimate and were designed to create a false sense of urgency. The emails included step-by-step instructions for creating a vault backup and contained a link that directed recipients to a phishing website hosted on a fake LastPass domain. The goal of this campaign was to trick users into entering their master password, granting attackers full access to their accounts.

LastPass issued the following statement:

“Please be advised that LastPass is NOT asking customers to back up their vaults in the next 24 hours; rather, this is an attempt by a malicious actor to generate urgency, a common tactic used in social engineering and phishing attacks.”

To reduce your risk, remember to “Pause, Think, Act” before clicking links or responding to unexpected messages. If you suspect a phishing email, forward it to spam@richmond.edu or contact the IT Help Desk at 804-287-6400 for assistance.
Website Link: https://www.securityweek.com/lastpass-users-targeted-with-backup-themed-phishing-emails/

Published Date(s): 1/29/2026
Title: Issue with Cybersecurity Awareness Training
Message: Last week, Information Security published the optional cybersecurity awareness training, “Trending Threats (Optional Training)”. Shortly after publication, an issue was identified with the course that is preventing some users from accessing the content.

We are working with our Workday partners toward a resolution. At this time, no action is required from users.
Website Link: N/A