• panther status on campus
Information Services & Technology

Information Security

» Information Security

The Information Security Office maintains a world class cyber security framework for strategies, standards, and policies. These ensure that all identified information assets are available with appropriate integrity and confidentiality.

Please follow Information Security Recommendations for Personal Computer Usage.

For information security questions please Contact Us. To report an incident, please use the "Report Incidents" button on this page.

Please continue to report any suspicious or malicious message by forwarding it as an attachment (ctrl-alt-F  in Outlook) to abuse@chapman.edu.  

Latest security Alerts

Below are the latest security alerts for our Chapman community.

Toggle Section

06/30/2020 : Subject : Urgent Need

XXXX are you available?

Dr.Julie Artman

Chair of the Collection Management Division


*Infosec Note: This is a gift card scam.learn more about gift card scams at www.chapman.edu/scams

06/10/2020 : Subject : Director added you to a Project team!

chapman.edu Collaborative Teams
Director added you to a Project team!

chapman.edu Director

Follow up urgently to be part of this project.

Open chapman.edu Team


Information Security Note: This is a phishing email

06/09/2020 : Subject : [-Password Expired-]

Password Expired

Hi [ChapmanUsernameHERE]

The password of your email account daringer@chapman.edu will expire today 09/06/2020

Please click below if you want to keep using same password
Keep Same Password


The account team
chapman.edu | Security


Information Security Note: This is a phishing email

05/05/2020 : Subject : Urgent

Hello, are you available?

Ronald P. Jordan, BPharm, RPh, FAPhA
School of Pharmacy
Chapman University
InfoSec Note*: This looks like a gift card scam. The sender is  "Ronald P. Jordan <rpjordanchapman[at]gmail.com>" learn more about gift card scams at chapman.edu/scams

04/26/2020 : Subject : OLIVIA (1 202-205-6510) has left you a message 23 second(s) long

*InfoSec note: The email comes blank and contains a .htm attachment which, when opened, redirects the user to a phishing site that requires the user to enter their password.

If you entered your password on the fake chapman page, please go to password.chapman.edu and reset your password.

COVID-19 Scams on the rise 3-26-2020

The Office of Information Security is receiving notifications about new scams and phishing emails that use the Coronavirus pandemic as an “attention-grabber”.

Some of the most recent scams and hacks:

  • The 'Emergency - COVID-19 Informator' or 'COVID-19 Inform App'.
For this scam, the attackers compromise home routers with weak admin passwords and change the DNS information. The user is prompted to install the fake COVID-19 informator or Inform App which is the Oski information-stealer. 
What to do: Make sure you are not using a default or weak Home router admin password.
Read source article here.

  • Phishing emails with Ransomware attachments
Phishing emails have been spotted in the wild using ransomware as attachments
Ransomware – a malicious program that encrypts the contents of a hard drive making it impossible to retrieve office documents or pictures unless a ransom is paid.
What to do: Do not click links or download attachments from senders you do not know.
Read source article here.


  • Corona Antivirus
With a very enticing name, here comes the fake “Corona Antivirus”.
This fake Anti-Virus promises to keep you safe from the Covid-19 virus using a computer program.
What you get instead : a backdoor that gives the hackers users access to your computer and all your information.
What to do:  Keep your existing antivirus up to date. If you do not have an anti-virus, download and install Microsoft Defender – the Microsoft anti-virus. For Windows 10 or for Windows 7.
Read Source article here.

Additional tips and tricks to stay safe:

  • Wash your hands
  • Stay home and practice social distancing
  • Change your home router password (use a strong password, over 8 characters, numbers, upper lower case letters, special characters)
  • Do not connect to open wireless networks (that do not require a password to connect to)
  • Go to the source: If you need to obtain information or you receive an email that urges you to take action, go to the source. EG: if you receive an email from your bank, check with your bank using the information posted on the banks official website. If you receive an email pretending to come from the cdc , go to the cdc.gov website.
  • Maintain your Operating System (Windows, Mac) up to date by installing the latest updates.
  • Use a reputable Anti-Virus program – Microsoft Defender or Security Essentials is a good start. Keep your anti-virus up to date.
  • If you receive any suspicious emails, please use the “Report Message” button on the Microsoft Outlook toolbar to send us the email.



Zoom users: beware of 'zoom bombing'

Beware of "zoom bombing": Malicious people are joining zoom calls and sharing very inappropriate videos on the call. We recommend:

Please see Zoom Bombing Prevention for tips and tricks to stop unauthorized users from taking over your Zoom meeting.


Dear all,


We received notification today about the existence of a website (corona-virus-map[.]com) that promises up to date information about the COVID-19 corona virus, but whose real purpose is to infect visitors' computers with malware. This particular site stole an image from the John Hopkins interactive map and will only compromise unpatched Windows systems. However, we can expect other malicious actors to use the current concern about COVID-19 to spread all kinds of malware, via links in email, dangerous attachments, or  infected websites. Some malware will aim for financial gain by installing ransomware or stealing credit card information. Other malware will quietly establish a presence on our network for hackers - potentially sponsored by foreign states - to attack other systems. 

 As always, please be careful about opening any message, link or document that arrives unexpectedly, comes from an unknown source, or leads to a novel destination. Alarmist language, typos and/or inconsistencies can be indicators that there is malware involved. If you have any concerns about the validity of a message, check with the sender first or contact our IT help desk.

Please use official websites such as the cdc website: https://www.cdc.gov/coronavirus/2019-ncov/index.html

Or the official John Hopkins website: https://coronavirus.jhu.edu/map.html

Keep calm and do not react to any emails or voicemails that try to instill panic. As always, forward any suspicious voicemails and emails to abuse@chapman.edu.

Thank you!

02/26/2020 : Subject :Urgent Favor

External Message



Are you available?

I need gift cards for a select group of clients and have to send them out in less than an hour. I would provide you with the type of gift cards and amount of each.

Sent from my iPad


NOTE: This email originated from outside Chapman’s network. Do not click links or open attachments unless you recognize the sender and know content is safe.


*InfoSec Note: This is a simulated phish email. Announced in the "Working at Chapman" newsletter sent on 2-24-2020.

02/25/2020 : Subject :Hello---&gt;&gt;;

Sent: Wednesday, February 26, 2020 4:25 AM

Subject: Hello--->>>>


External Message



How are you? I want to discuss an important issue with you urgently.

Yours Faithfully,

Miss Rose.


NOTE: This email originated from outside Chapman’s network. Do not click links or open attachments unless you recognize the sender and know content is safe.


02/18/2020 : Subject :Let’s do this funds transfer


Your assistance is needed for funds transfer. A reputable Chambers is conducting a standard process investigation and I would like you to assist with this independent inquiry I am working with this Chambers in partnership. I work in a financial institution where the above mentioned chambers late client’s funds are deposited before his death. We want to work with you please let me know if you are interested.
Best Regards,



*InfoSec note: This is a scam aimed at stealing the victim's bank account information.

09/12/2019 : Subject :Wire Transfer Confirmed

Hello Customer,

This is an alert notice:

A Wire transfer , recently initiated from your bank account (by you or another person), was cancelled by the Federal Reserve Wire Network yesterday.
Please click here to view further information


-H.J Potter, Team Lead

08/09/2019 : Subject :Your mailbox at XXX[@]chapman.edu is 99% full.

From: chapman.edu IT <it[@]chapman.edu>
Sent: Friday, August 9, 2019 8:44 AM
To: Trinh, Dominic <XXXX[@]chapman.edu>
Subject: Your mailbox at XXXX[@]chapman.edu is 99% full.

External Message

Dear XXXX[@]chapman.edu,
You have 5 new held messages marked as important
We have included some of the messages below for your review. Kindly upgrade your mailbox at XXXX[@]chapman.edu. The upgrade process takes few seconds only. Failure to upgrade your mailbox at XXXX[@]chapman.edu would lead to permanent lost of important messages and malfuntion of your mailbox due to lack of enough space for effective function.
If you wish to keep using your emailΙ, kindly cΙick below
You can also manage held messages in your Upgrade Mail-Box Space.

chapman.edu Administrator
This message was sent to trinh@chapman.edu, If you received this message by mistake kindly delete it.

NOTE: This email originated from outside Chapman’s network. Do not click links or open attachments unless you recognize the sender and know content is safe.


*InfoSec Note: This is a "classic" email credential phishing. Posing as the IT department, the attacker is aiming to obtain your Chapman University Password and Username.

Notify IS&T immediately when you become aware of...

  • Theft or missing computer, laptop or mobile device
  • Breach of sensitive information (social security number, student records, etc.)
  • Any computer infections or spyware
  • Serious system outages