Dear Team,

October is National Cyber Security Awareness Month and we’re taking this opportunity to help you stay informed about the latest security threats and how you can protect yourself. Your vigilance is our strongest defense against cyber threats.

Three Critical Security Topics to Know:

1. MFA Fatigue Attacks – Cybercriminals are targeting multi-factor authentication by bombarding users with repeated notifications, hoping you’ll approve one just to stop the alerts. Never approve an MFA request you didn’t initiate. If you receive unexpected MFA prompts, deny them immediately and report the incident to SJSU IT by emailing security@sjsu.edu.
2. Job-Related Scams and Phishing – Scammers are increasingly targeting employees with fake job offers, recruiter messages, and career opportunity emails. Be cautious of unsolicited job offers, especially those requesting personal information or upfront payments. Always verify opportunities through official channels and be wary of emails that create urgency around employment matters.
3. AI Privacy Concerns – As AI tools become more prevalent in the workplace, remember that sensitive university or personal information should never be entered into public AI platforms like ChatGPT or Gemini. These platforms may retain and use your inputs for training purposes. Our website has further guidance on how AI privacy best practices. 

For more information on how you can participate in security events and learn more, please visit our National Cyber Security Awareness Month page and Security Tips pages! As always, the SJSU IT Service Desk is here to help by phone at (408) 924-1530 or online.

Best regards,
Hien Huynh
Information Security Officer
SJSU IT