In responding to frequent phishing attacks, CWRU has tuned its defenses and intelligence collection, gaining a deep understanding of various identity risks. When a series of password resets appeared the weekend before the April tax-filing deadline, we thought we smelled a phish campaign. It turned out to be a troubling use of exposed PII to break into our users' accounts to start tax fraud. This is a topic specific/intermediate level session.
Outcomes: Think about how a university's self-service password tools can be exploited to grant access to personal financial data via online systems * Develop a plan to prevent tax-season attacks
Presenters
Gary Burkholder
Information Assurance Analyst, Case Western Reserve University
Ruth Cannon
Information Assurance Analyst, Case Western Reserve University
Erin Fogarty
Information Assurance Analyst, Case Western Reserve University
Mike Maltbie
Information Assurance Analyst, Case Western Reserve University
Tom Siu
Chief Information Security Officer, Michigan State University