Â鶹ӰԺ

This week OIT will be rolling out a new email security service, called Abnormal Security, to help protect personal information and university data. Abnormal Security further prevents email attacks that exploit human behavior such as phishing, social engineering and account takeovers. Abnormal Security only reviews emails that pass Microsoft’s 365 quarantine and so is an addition to our email environment and is in direct response to campus feedback about the desire for improved email security as we continue to be impacted by cyber-attacks.

Why is this needed now?

• It takes on average 28 seconds from a phishing email’s arrival to a successful phish (Verizon DBIR 2024). On a recent August Saturday evening at 11:47pm, a phishing attack was launched against CU Â鶹ӰԺ and within 65 minutes, 254 CU Â鶹ӰԺ accounts were compromised because they fell for this attack. Such attacks put personal and university data at risk.
• Over the past year, CU Â鶹ӰԺ students have lost thousands of dollars to phishing attacks while faculty and staff have had their paychecks impacted, lost control of their personal data, and had their accounts used to attack students and other faculty and staff members.
• During the past six months while OIT was piloting the service, Abnormal Security detected and would have stopped 793,000 advanced attacks from reaching members of our campus community including the recent August attack.
• The start-of-semester time frame historically sees a significant spike in attempted attacks.
• For questions regarding Abnormal please contact: oithelp@colorado.edu or 303-735-4357

What is the risk to faculty?

• During the six-month pilot, OIT has seen a 0.0004% false positive rate out of all emails arriving to CU Â鶹ӰԺ. A false positive is when an email is incorrectly identified as malicious and blocked. Abnormal Security is an additional layer on top of the Microsoft 365 quarantine service.
• What is OIT doing to prepare for false positives? OIT reviews Abnormal Security logs daily for false positives, proactively contacts recipients if a suspected false positive is discovered, and continues to train the system to reduce this possibility.
• OIT met with other universities who have implemented Abnormal Security and ensured our practices around reporting phishing and inquiring about suspected missing emails is in line with best practices.
• OIT can always be contacted by any faculty, student or staff who believe an email they were expecting was not received. If the email was stopped because of Abnormal Security, it can be recovered if reported to the IT Service Center within 30 days of expected receipt.
• OIT and Abnormal Security continue to train the system and measure false positives to continue to reduce the 0.0004% rate further to best support and protect the campus community.

All faculty contracts will begin August 19th which means there will only be 10 working days associated with August contract pay.  Due to the lower number of working days for August, the contract payment schedule will allocate a lesser amount for August as opposed to September which is a full month of work with 21 paid days. All faculty should expect this to yield a lower paycheck for their August payroll, much like last year. HR has provided a contract pay calculator that faculty may access to assist with planning: https://www.cu.edu/docs/contract-proration-calculator. Faculty should contact their department/unit HR liaison for questions.