Cyber security illustration

The Office of Information Security Services (OISS) has seen a rise in phishing attempts during the pandemic and continues to proactively protect the University against potential threats by utilizing industry best practices and procedures. One of these best practices centers around detecting and blocking scammers and/or ransomware attempts.

Ball State students, faculty, and staff have recently seen an increase in sextortion emails.  The sextortion emails are from scammers trying to blackmail recipients into giving them money, usually in the form of Bitcoin. The emails typically try to dupe the victims by referring to old passwords that have been part of old external data breaches and include threats to reveal images and videos of the victim watching or utilizing pornography, copies of their browser history or evidence that they downloaded videos from pornographic sites to their friends, family and contacts.

Ransomware attacks also continue to evolve and to increase, switching from mass consumer campaigns to highly targeted attacks on businesses across multiple sectors. Many ransomware campaigns actively target and delete backup systems. Even if you can restore from backup, ransomware actors are now threatening to publicly release personally identifiable information unless they are paid. The result is that average ransomware costs have more than doubled from the previous year and often involve prolonged downtime for businesses.

The Office of Information Security Services works hard to protect you, but there are precautions you can take to protect yourself and your information from these threats.

    • Regularly back up data and verify its integrity.
    • Use multi-factor authentication wherever possible.
    • Please be cautious when opening email attachments or links.
    • Install and apply patches to systems and mobile devices as vulnerabilities are discovered.
    • Pay attention to the senders of these emails. Many scammers will use an email address very similar to that of a legitimate company.
    • Delete or update any website or gaming accounts you no longer use. These can be used in targeting you for attacks.

If you think your account has been compromised or are threatened with these types of attacks, please contact the OISS by email at security@bsu.edu or by phone at 765-285-4390 if you would like to learn more or have any questions related to scam emails and/or ransomware attempts.