Use caution with USB drives
The Duke IT security offices are asking faculty, staff and students to use caution if they receive packages containing products and USB devices. Current reports suggest that there have been recent increases in cyber attacks from foreign entities sending products such as gift cards, teddy bears or other miscellaneous items with USB devices through the U.S. Postal Service (USPS). The USB devices contain software that can install malicious spyware.
You should never plug an unknown USB into any computer system. If you receive a package containing a USB, particularly if you are not expecting it and it comes with unsolicited items, do not plug it into your computer. Contact the Duke IT security teams at email@example.com for guidance.
The Department of Homeland Security offers these recommendations.