---

Cyber Security develops new high-visibility alert

E-mail “phishers” looking to capture e-mail credentials or other personal and professional information have become masters of disguise. Often their attempts appear as legitimate security notifications, and occasionally they sneak through department’s e-mail filters.

A recent attempt by a fraudulent source based in Russia enticed a number of ITD employees to respond with their log-in information.

The information breach prompted ITD Cyber Security Officer Craig Schumacher to look for an alternative – an alert that is easily identified as an official internal alert. Schumacher challenged Communications staff member Rik Hinton to develop a cyber security logo to attach to alerts. He also designed a notification message that clearly identifies ITD as the source and contains a reply option that goes directly to a new cyber security e-mail address: ITDCyberSecurity@itd.idaho.gov.

“We wanted to create a method of notifying our employees about a cyber security alert so they know it’s from us and is a legitimate notice,” Schumacher explains. “We wanted a format that captures their attention and encourages them to take a specific action.”

The new alert includes a striking logo based on ITD’s logo, in red and blue on a bright yellow background. The format is clear, unmistakable and difficult to replicate. The “ITD” in the logo will distinguish the alert as unique to the department and not from another stage agency – an important distinction when many state agencies eventually move toward a common presence on the Department of Administration’s statewide system.

Employees who believe they are targeted by “phishing” attempts should notify the ITD cyber security team at ITDCyberSecurity@itd.idaho.gov or call 334-8158 (7-8158 from beyond Headquarters.) After-hours calls will automatically go to voice mail.

See the first ITD Cyber Security alert message

Published 1-11-2013