¶¶ÒõÂÃÐÐÉä

Skip to main content

Faculty August Contract Pay & Email Security Alerts for Fall 2024

Norlin Library west view

BFA representatives were advised of two campus issues that could impact faculty at the start of the year and asked to share this information with their constituents and colleagues.

The first was about a new email security service called Abnormal Security email that is being rolled out this week by OIT. The rollout and details were announced in

The second item is regarding faculty contract selection and the impacts to August pay. August 19th is the first date for AY24-25 faculty contracts, which means there are fewer paid days for August paychecks.The deadline to make changes to faculty contract pay (9x9 v. 9x12) was in July and was communicated to department HR liaisons in May and June. It's recommended that faculty use the to ensure they know what to expect. 

Please use the links above and view additional details from OIT and HR listed below. 

This week OIT will be rolling out a new email security service, called Abnormal Security, to help protect personal information and university data. Abnormal Security further prevents email attacks that exploit human behavior such as phishing, social engineering and account takeovers. Abnormal Security only reviews emails that pass Microsoft’s 365 quarantine and so is an addition to our email environment and is in direct response to campus feedback about the desire for improved email security as we continue to be impacted by cyber-attacks.

Why is this needed now?

  • It takes on average 28 seconds from a phishing email’s arrival to a successful phish (Verizon DBIR 2024). On a recent August Saturday evening at 11:47pm, a phishing attack was launched against ¶¶ÒõÂÃÐÐÉä Boulder and within 65 minutes, 254 ¶¶ÒõÂÃÐÐÉä Boulder accounts were compromised because they fell for this attack. Such attacks put personal and university data at risk.
  • Over the past year, ¶¶ÒõÂÃÐÐÉä Boulder students have lost thousands of dollars to phishing attacks while faculty and staff have had their paychecks impacted, lost control of their personal data, and had their accounts used to attack students and other faculty and staff members.
  • During the past six months while OIT was piloting the service, Abnormal Security detected and would have stopped 793,000 advanced attacks from reaching members of our campus community including the recent August attack.
  • The start-of-semester time frame historically sees a significant spike in attempted attacks.
  • For questions regarding Abnormal please contact: oithelp@colorado.edu or 303-735-4357

What is the risk to faculty?

  • During the six-month pilot, OIT has seen a 0.0004% false positive rate out of all emails arriving to ¶¶ÒõÂÃÐÐÉä Boulder. A false positive is when an email is incorrectly identified as malicious and blocked. Abnormal Security is an additional layer on top of the Microsoft 365 quarantine service.
  • What is OIT doing to prepare for false positives? OIT reviews Abnormal Security logs daily for false positives, proactively contacts recipients if a suspected false positive is discovered, and continues to train the system to reduce this possibility.
  • OIT met with other universities who have implemented Abnormal Security and ensured our practices around reporting phishing and inquiring about suspected missing emails is in line with best practices.
  • OIT can always be contacted by any faculty, student or staff who believe an email they were expecting was not received. If the email was stopped because of Abnormal Security, it can be recovered if reported to the IT Service Center within 30 days of expected receipt.
  • OIT and Abnormal Security continue to train the system and measure false positives to continue to reduce the 0.0004% rate further to best support and protect the campus community.
All faculty contracts will begin August 19th which means there will only be 10 working days associated with August contract pay.  Due to the lower number of working days for August, the contract payment schedule will allocate a lesser amount for August as opposed to September which is a full month of work with 21 paid days. All faculty should expect this to yield a lower paycheck for their August payroll, much like last year. HR has provided a contract pay calculator that faculty may access to assist with planning: https://www.cu.edu/docs/contract-proration-calculator. Faculty should contact their department/unit HR liaison for questions