Recap of Part 2: Shelby received a suspicious email and reported it to the InfoSec team, who confirmed it was a phishing attempt. Bugsy, on the other hand, received a phishing email and fell for it, compromising his account and computer.

That night, while Bugsy slept, alerts were going off in the university’s Security Operations Center (SOC). A bad actor had infiltrated the university’s network and was trying to gain access to the Peoplesoft systems. Fortunately, InfoSec had taken precautions and had been alerted to this activity and its AI-powered end-point protection tool took action to stop the intruder. Early the next morning, a forensics investigation traced down the source of the intrusion and it was Bugsy’s account and computer.

As usual, Bugsy woke up, hurried through his morning rituals, and headed to work. He stopped at his favorite coffee shop’s drive-thru, ordered his iced latte, and tapped his phone to pay for his order. However, the transaction was declined, stating “insufficient funds.” This can’t be right, he thought. He checked that the payment app was linked to his debit card, and it was. He tried again, and it was once again declined. No problem, he thought and switched payment to his credit card. Again, “transaction declined.” People in the drive-thru were now getting angry and yelling at him. He dug into his wallet and found an old gift card, which was accepted.

When Bugsy got to work, his day got even worse. The first thing he did was check his bank account. Both his savings and checking account balances were $0. Then he checked his credit card, and it was maxed out. How could this be? He’d had plenty of money in his accounts and no balance on his credit card. As he was sitting at his desk feeling depressed, he got a visit from his manager and one of the InfoSec team. They told him his account and his computer had been compromised, and they needed him to reset his accounts and would take his computer for forensic and reimagining purposes. He told the InfoSec person about his bank accounts and credit card. “Did you use the same login name and password with your bank and credit card accounts as you do here at work?” asked the InfoSec person. Bugsy said he did. The InfoSec person explained that when the bad actor took control of Bugsy’s work account, they had access to everything on Bugsy’s computer. This included links to his online banking and credit card information. They used this to clean out his accounts. “Call the police. They probably can’t get your money back, but they might be able to help. Then call your credit card company and tell them what happened.”

Bugsy’s horrible week continued the next day. He’d spent the entire evening trying to fix his financial life with little success. When he got to work, he was overtired, scared, and stressed. He opened his email, and there was a message from the Department VP stating they were giving the promotion to Shelby Tortoise. Bugsy was devastated. He went to his manager’s office and asked why he didn’t get the promotion. The manager told him because he wasn’t detailed and careful enough in his work and that the cybersecurity incident hadn’t helped.

The moral of the story is that taking the time to follow proper cybersecurity practices, even if it seems slower, is ultimately more beneficial and can prevent significant issues. Shelby Tortoise, who was diligent and careful with her cybersecurity measures, was able to avoid a phishing scam and protect the university from financial loss. On the other hand, Bugsy Hare, who cut corners and ignored best practices, fell victim to a phishing attack, leading to severe personal and professional consequences.

As always, if you suspect something, report it to abuse@chapman.edu.

 

Stay safe, stay vigilant!

Keith Barros

Chief Information Security Officer (CISO)

Chapman University