January News from Information Security – Cybersecurity News & Alerts

Welcome to 2026! I hope your holidays were restful and enjoyable. Mine were very good, but of course, not long enough. The world kept on spinning while we took some time to relax and prepare for a brand new year. So much was happening at the end of the semester and during the holidays themselves that I gave you a month off from the newsletter in December.

As already mentioned, the world kept on spinning, so cyber-criminals kept sending phishing emails and trying to exploit users. While the absolute volume of phishing emails reaching our inboxes in December did not reach levels of previous years, the complexity and variety did not fail to impress. There were mostly fake invoices and payment requests. These emails were fairly well written, probably because most of them were generated by AI. AI email construction and the use of AI to spread the sending of these emails across hundred of compromised accounts across the world made combatting these a bit more difficult, but that will always be the case. I did have to pay attention to these emails almost daily during the break, but that’s why they pay me…the bucks. As I write this article, more of these AI generated emails a rolling into our system, but thankfully, most are dying in my inbox and not making it to yours.

The best way to make sure no one falls for a phishing email is to make sure that everyone gets adequate cybersecurity awareness training. We wrapped up our Fall 2025 training with good numbers. Over 30% of our students completed the training, with over 90% faculty and staff completing it. That is great and I want to thank everyone who completed the training – particularly those who completed it before the due date. Students were bribed to take the training and one lucky student won a prize in the drawing that consisted of those who completed the training on time. Luckily, for those who did NOT complete the training, everyone will have another opportunity to complete cybersecurity awareness training very soon.

Data Privacy Week is January 26th-30th and in addition to an article concentrating on privacy being released on this site that week, it will also mark the beginning of the Spring 2026 cybersecurity awareness training schedule. Training will be similar to what we did in the fall, with the same platform in use, but with different training modules. To emphasize the importance of protecting your privacy, the training will include more questions about the best ways to maintain your privacy while online. The Data Privacy Week article will include a link to the Hoxhunt training platform (our chosen cybersecurity awareness training vendor), but also be looking for an email invitation that week to complete the training for this semester. Please try to complete it before the semester sucks you into the chaos…

On an entirely different cybersecurity topic (or maybe not entirely different, you be the judge), I want to remind everyone that you should not use your Berry email account for sensitive personal business, including banking or other financial activity, insurance or medical correspondence, or any transactions of a personal nature. This goes for both employees and students. Our mail filters are designed to deter phishing emails as much as possible and favorite topics for phishing emails include financial transactions, fraudulent medical and insurance scams, and other subjects that are generally addressed in PERSONAL email accounts. One particularly jarring activity that has been conducted via Berry email accounts recently is house or property purchases. Why, oh, why would you complete a major financial transaction with a work or student email account? Why? Why?

Finally, not to spill too many of the proverbial beans, I want to mention that to encourage completion of cybersecurity awareness training, we have been looking for an appropriate “carrot” to offer. We made an attempt last semester for the students by offering a prize drawing for those who completed it on time. We will probably to that again for students, but we are also investigating other possibilities to include everyone with an incentive. I will hopefully have more information in the Data Privacy Week article. If not, I will attempt to get the information into the February newsletter, so don’t miss it.

That’s it! Short and to the point. More details about cybersecurity awareness training will be in the Data Privacy Week article and email, so don’t miss it.

All Berry students, faculty and staff have MFA enabled on their Berry account, and you should use it in the most secure way via the Microsoft Authenticator app on your smart phone. But don’t stop there! Use the Microsoft Authenticator as your second factor on any site that supports Google Authenticator. Turn on MFA/2FA everywhere you can. Yes, it will take you another few seconds to log in, but your data and account will be safer.

Please continue to report those phishing emails! Avoid using “unsubscribe” links and report both spam and phishing via the “Report” button.

If I’m not covering a topic of cybersecurity you are interested in or concerned about, please let me know. I want to be your first and best resource on cybersecurity information, so tell me how I can help and inform you.

Check out https://support.berry.edu for more information about OIT and the services we provide. You can always check back here for warnings about current phishing emails, confirmations of valid emails you might have a question about, and data breach notifications.

Food For Thought

I know I promised more music in the last newsletter (November’s, not December’s, which got skipped), but this video is a rarity on YouTube – one that actually explains or answers the question in the title, and is not just click-bait, so I went with it. Plus, I didn’t discover any new, cool music in December, as it was full of…Christmas music.

Have you ever wondered why you don’t generally see cabooses on trains anymore? Or are you the one who turns around and finds an alternate route instead of watching hundreds of tons of freight cars roll by with ear-shattering squeals? Either way, this video about why cabooses disappeared is interesting, and while it is a little longer than what I normally showcase here, for those who were wondering, it actually answers the question.