Skip to main content

Cornell University

IT@Cornell

Latest News

Hackers don't break in they log in

On Friday, July 4, criminals targeted Cornell through a sophisticated phishing scheme. The attackers strategically timed their campaign to coincide with the federal holiday, a period when user vigilance is typically reduced. 

While most of Cornell enjoyed a day off, the IT Security Office worked hard to protect Cornell’s data, employee paychecks, and employees’ personal information. 

This attack demonstrated a level of sophistication that has not been seen previously, causing several individuals to fall for it. It is clear that criminals are now incorporating artificial intelligence in crafting their attacks. This is likely to happen again: criminals view our time off as a lucrative workday and will improve their methods of attack as we adjust our defenses. 

Protect Yourself: Switch to a Passkey 

With a Secure Connect passkey you won’t need to submit your NetID and password, or use Duo, to log in to most Cornell websites. Even if a hacker manages to trick you with a phishing message, they won’t get past your passkey. Take five minutes and set yourself up with one-touch login.

Already have a passkey? Great!  

Stay Vigilant 

The Cornell community excels at spotting phishing attempts, so most of the time, the attackers fail. But since attackers see Cornell as a high-value target, they relentlessly try new tactics. 

Get savvy about social engineering. 

Does the email threaten you? Try to exploit a fear? Carry a sense of urgency? Claim your job is on the line? Or just doesn’t feel quite right? 

If any of these apply, close the email and give yourself time to think. 

Act, but don’t react. 

Check the Phish Bowl. Contact your manager or department head directly. Report suspicious emails to the IT Security Office. 

Also, if you forward your Cornell email from Outlook to another service (your Cornell Google account, for example), be extremely wary about clicking links. Outside of Outlook, you don’t get the protection from bad links that Microsoft SafeLinks provides.

Thank you for all you do as a community to protect Cornell from cybercriminals. 

Comments?

To share feedback about this page or request support, log in with your NetID

At Cornell we value your privacy. To view
our university's privacy practices, including
information use and third parties, visit University Privacy.