Understanding cyber-security and being aware of technology risks is everyone's responsibility.

Security Awareness Training

Security awareness training is an important part of UNC Charlotte’s IT security and compliance program. Employees have access to information and data that may be confidential or sensitive in nature; therefore, it is important to know how to safeguard that information. The online Security Awareness training is designed to raise awareness about information security, good information security practices, and related university IT policies. The online, video-based training is comprised of 13 core modules, ranging from 1 to 5 minutes each and will take about 45 minutes to complete. Videos can be viewed individually as time permits and closed captioning is available. 

All employees are encouraged to take this training. Security Awareness Training FAQ.

Report Phishing and Spam Emails

Phishing is a type of spam email that maliciously attempts to capture login credentials or other sensitive information. Be skeptical and look for these warning signs:

  • The message asks you to update, confirm or reveal personally identifiable information such as your username and password.
  • The message creates a sense of urgency.
  • The message has an unusual “From” address.
  • When hovering over a link in the email it doesn’t match the URL or website address it allegedly represents.
  • There are grammatical errors or awkwardly phrased language.

If you receive an email that you believe may be phishing or spam, do not reply, click on a link, or open any attachments. Forward the email to and ITS will investigate. If you believe you may have fallen victim to a phishing email, change your NinerNET password immediately.

Report a Security Incident

Any event that could lead to someone gaining unintentional, unlawful, or unauthorized access to university information or resources is a security risk and must be reported immediately. Examples of a security incident include any of the following:

  • Unauthorized access to systems or data
  • Lost or stolen equipment
  • Discovery of sensitive or confidential information on a public website
  • Inadvertent sending of sensitive or confidential information to unauthorized recipients

To report an actual or potential security incident, send email to