The Identity and Access Management Team is re-posting the following communication from the university’s Information Security OfficeISO The Information Security Office (ISO) is the university’s information security team. to campus staff.
The UT Directory, also known as the University White Pages Directory, now requires login with UT EIDUT EID The University of Texas Electronic Identity (UT EID or EID) is the public records identifier for principals at the university. See EID in the service catalog for more information. and password and Duo for multifactor authenticationAuthentication Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to a system’s resources. and is only accessible to members of the university community.
This change is intended to increase security and privacy and combat aggressive data mining from outside organizations for the purpose of socially engineering phishing and vishing scams that target members of the university community. When Duo for multi-factor authenticationMFA Authentication makes use of one or more factors of authentication: something you know (e.g., a password), something you have (e.g., your smartphone), or something you are (e.g., a fingerprint). Multi-Factor Authentication (MFA) makes use of two or more factors when authenticating you. was applied to most UT services in May 2020, attempts to phish credentials related to Duo increased with the goal of compromising the user’s account. Visit the ITS project page for more information.
Employees can reference this askUS help article for more information on UT Directory data.
A similar message has been sent to students. Students may contact Texas One Stop for help updating their personal information in the UT Directory.
Any university community member with an EIDUT EID The University of Texas Electronic Identity (UT EID or EID) is the public records identifier for principals at the university. See EID in the service catalog for more information. can find or reset their EID, manage their password, and get other forms of help with their EID by visiting the UT EID Self-Service Tools page.
What is phishing?
The act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft is called “phishing
What is vishing?
Vishing is when you receive a call from someone, either a real person or an automation, encouraging you to take an action or give them sensitive data.
For more information on protecting your data, visit the Information Security Office website, https://security.utexas.edu/