BearAware Bulletin - Fall 2015


Spearing Attacks Continue

Spearing emails are messages created with the express purpose of convincing the reader to give away sensitive information. These emails take many forms: password expiration notices, email quota warnings and/or Canvas/Blackboard messages. The emails will contain instructions to click a link or respond to the email with sensitive information such as Bear ID and password. The best way to prevent becoming a victim of spearing is:

  1. Never reply by email to a message that requests sensitive information.
  2. Do not click the links included in an email, and, specifically, do not submit personal information on the websites where these links lead.
When you open a link in an email, it is difficult to know if you have really reached the site you expect. Always open a web browser and type the URL you intend to visit before submitting Bear ID, password or other sensitive information. These spearing email messages can look very authentic.

Remember: Baylor will never send you an email asking that you reply with your username/password. If you are suspicious of an email that you receive, contact the ITS Help Desk at (254) 710-4357 (HELP).

Bear ID Password Changes

Baylor University requires that BearID passwords be changed every 180 days. If you receive an email notification that your password is nearing expiration, please visit to update your password. (NOTE: You should open a web browser and type this URL even though many email clients will translate the URL into a clickable link). You can get more information about Bear ID passwords and also reach the page to manage your Bear ID by visiting the ITS website ( and clicking the “Reset Password” button.


Last October, Baylor ITS implemented two-factor authentication for access to the faculty/staff VPN service. Baylor2Factor goes beyond passwords and requires a second factor of authentication, usually by providing a type of authentication on a mobile device app. The second factor of authentication prevents accounts from being accessed in the unfortunate case that a user’s password is compromised. In the upcoming academic year ITS hopes to expand this stronger level of authentication to other campus technologies that either store or transmit special personal information such as social security numbers and bank account information.

Follow @bearaware on Twitter and "like" BearAware on Facebook to keep up with the latest news and information about IT security. Follow @BaylorITS_Alert on Twitter for notifications of network outages and other Baylor-related IT emergencies. If you need IT assistance, contact the HELP desk at (254) 710-4357 (HELP).