Entries Tagged 'Security Tips' ↓

Beware of phishing attempts targeting the ASU campus

It has been a while since Computing Services sent a reminder regarding phishing and scam emails. Phishing emails are malicious emails where the attacker will pose as a legitimate organization to attempt to trick you into clicking on malicious links, download attachments, and could possibly lead to disclosing your personal information.

Following are the steps to distinguish phishing from regular emails:

Don’t trust the display name

A favorite phishing tactic among cybercriminals is to spoof the display name of an email. Experts have found that nearly half of all email threats spoofed the brand in the display name. The bottom line is don’t trust the display name. Check the email address in the header from—if looks suspicious, don’t open the email.

Look but don’t click

Hover your mouse over any links embedded in the body of the email. If the link address looks weird, don’t click on it. If you want to test the link, open a new browser window and type in website address directly rather than clicking on the link from unsolicited emails.

Check for spelling mistakes

Brands are pretty serious about email. Legitimate messages usually do not have major spelling mistakes or poor grammar. Read your emails carefully and report anything that seems suspicious.

Analyze the salutation

Is the email addressed to a vague “Valued Customer?” If so, watch out—legitimate businesses will often use a personal salutation with your first and last name.

Don’t give out personal information

Legitimate banks and most other companies will never ask for personal credentials via email.

Beware of urgent or threatening language in the subject line

Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “account has been suspended” or your account had an “unauthorized login attempt.”

Review the signature

Lack of details about the signer or how you can contact a company strongly suggests a phish. Legitimate businesses always provide contact details.

Don’t click on attachments

Including malicious attachments that contain viruses and malware is a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. Don’t open any email attachments you weren’t expecting.

Don’t trust the header from email address

Fraudsters not only spoof brands in the display name, but also spoof brands in the header from email address.

Don’t believe everything you see

Phishers are extremely good at what they do. Just because an email has convincing brand logos, language, and a seemingly valid email address, does not mean that it’s legitimate. Be skeptical when it comes to your email messages—if it looks even remotely suspicious, don’t open it.

If you have replied to phishing emails, and have sent money, please report this fraud to the ASU Police Department at (719)587-7901.

Final reminder, Computing Services will never ask for your username and password via email.

If you have additional questions contact us at:

Computing Services

computingservices@adams.edu

(719) 587-7741

Tip #2 for NCSAM Awareness Month!

We are now well into National Cyber Security Awareness Month. Remember, you can always check the Stay Safe Online NCSAM website for more information and tips!

www.staysafeonline.org/ncsam

Cyber security is all about keeping your information safe, including your financial and personal information. In addition to keeping it secure, it’s important to keep it backed up!

Ever lost your phone or tablet? Ever accidentally washed a flash drive, that just happened to have an important copy of a paper? There is even malware that will lock or corrupt important documents.
A backup is a second copy of all your important files – for example, your photos, videos, and documents. Instead of storing it all in one place (like your computer), make sure you keep another copy of everything somewhere safe.

All students have free storage space on our Adams State file server, which is backed up by Computing Services every night. In addition to being accessible in the student labs, you can access your files anywhere via a web browser or mobile app.

Check out our how-to on accessing myfiles.adams.edu:

http://howto.adams.edu/index.php/Myfiles.adams.edu_-_Home_and_Shared_Network_Drives

You can also store multiple copies of your files on Google Drive. All ASU students get unlimited storage on their student Google Drive free.

drive.google.com

For more information and tips on backups, check out World Backup Day’s website:

http://www.worldbackupday.com/

If you would like more information on any of our services please let us know!

STOP.  Before you use the Internet, take time to understand the risks and learn how to spot potential problems.

THINK. Take a moment to be certain the path is clear ahead. Watch for warning signs and consider how your actions online could impact your safety, as well as your friend’s and family’s.

CONNECT. Enjoy the Internet with greater confidence, knowing you’ve taken the right steps to safeguard yourself and your computer.

ASU Computing Services
computingservices@adams.edu
719-587-7741

Don’t forget to like us on Facebook
www.facebook.com/ASUComputingServices
www.facebook.com/ASUResNet

Tip #1 for National Cybersecurity Awareness Month (NCSAM)

National Cybersecurity Awareness Month (NCSAM), now in its 13th year, was created to help everyone have the resources to stay safe and secure online.

STOP. THINK. CONNECT.: The Basic Steps to Online Safety and Security

Staying safer and more secure online starts with STOP. THINK. CONNECT. – the simple, actionable advice anyone can follow.

STOP: make sure security measures are in place.

THINK: about the consequences of your actions and behaviors online.

CONNECT: and enjoy the Internet.  

For more tips visit www.staysafeonline.org.

First and foremost, keep in mind that technology alone will never be able to fully protect you. Attackers have learned that the easiest way to bypass even the most advanced security technology is by attacking you. If they want your password, credit card, or personal data, the easiest thing for them to do is to trick you into giving them this information. For example, they can call you pretending to be Microsoft tech support and claim that your computer is infected, when in reality they are just cyber criminals that want you to give them access to your computer. Or perhaps they will send you an email explaining that your package could not be delivered and ask you to click on a link to confirm your mailing address, when in reality they are tricking you into visiting a malicious website that will hack into your computer. This is how attacks such as Ransomware or CEO Fraud start. Ultimately, the greatest defense against attackers is you. Be suspicious. By using common sense, you can spot and stop most attacks.

Sans OUCH! October 2016 Monthly Security Awareness Newsletter

To see the OUCH! Newsletter in its entirety, as well as subscribe to more security tips please visit:

https://securingthehuman.sans.org/resources/newsletters/ouch/2016
ASU Computing Services

computingservices@adams.edu

719-587-7741

For more security tips and tech updates throughout the year, like us on Facebook!

www.facebook.com/ASUComputingServices

www.facebook.com/ASUResNet

Important Copyright Notice and Information for Students

As the fall semester gets underway, I’m writing to remind you of the risks involved with illegally downloading and/or sharing of copyrighted music, movies, games and software over the Internet. Unauthorized obtaining, sharing or offering such copyrighted material is illegal and in violation of U.S. copyright law. If caught, you may face severe civil and criminal penalties, including prison and monetary damages. Anyone found to have infringed a copyrighted work may be liable for statutory damages of up to $30,000 for each work and, if found to be willful, that amount may be increased up to $150,000 for each work infringed. Movie and recording companies actively monitor the Internet to identify individuals who are illegally downloading and/or sharing movies and music via peer-to-peer networks.

ASU fully complies with Federal law and takes prompt action when notified that one of its students may be illegally downloading and/or sharing copyrighted material. University Policy 500-008, Unauthorized Downloading and File Sharing of Copyrighted Digital Materials, is located on the ASU Computing Services Website, at https://www.adams.edu/administration/computing/policies.php. If caught, ASU penalties could include loss of access to the campus computer network, disciplinary action and in extreme cases, expulsion from the University.

You may think that the large movie or recording companies won’t bother prosecuting a single university student downloading or sharing copyrighted material. Think again. Organizations such as the Recording Industry Association of America are serious about protecting their copyrighted material. In 2009, a Boston University graduate student was ordered to pay $675,000 for illegally downloading and distributing 30 songs. This comes out to $22,500, per incident, of copyright infringement. There are a number of online sources that provide legal alternatives for downloading or otherwise acquiring copyrighted material. A listing of many of these sites can be found at: http://www.educause.edu/legalcontent.

If you have specific questions regarding ASU’s Unauthorized Downloading and File Sharing Policy please contact the

ASU Computing Services Help Desk at 587-7741 or via email at computingservices@adams.edu.

Thanks and have a great semester!

Phishing email attack warning, Office 365 Free for Students, and other useful tips

**Phishing Email Attacks**

Adams State University student email accounts have again been the target of a phishing attack this week. Phishing emails are malicious emails where the attacker will pose as a legitimate organization to attempt to trick you into disclosing your personal information.

As a reminder, Computing Services will never ask for your username and password via email. If you do see a message asking for this information, please delete it without responding to the sender.

If you have responded to an email with your username and password please change your password immediately by going to www.adams.edu/onestop and clicking the ‘change your password’ link.

You can also report phishing through the web interface of Gmail.

On your computer:

Sign in to Gmail.
Open the message you’d like to report.
At the top-right corner of the message, click the down arrow next to the ‘Reply’ button.
Select Report Phishing.

If you are unsure if an email is legitimate or not, please reach out to our Helpdesk at 719-587-7741 orcomputingservices@adams.edu

**Office 365 is free to all current students!**

You can install your free copy of Office 365 for Education on up to 5 personal devices. For installation instructions please visit our howto wiki:

http://howto.adams.edu/index.php/Office_365_Education_for_Students_and_Employees

**Please remember to backup any important documents that you might need for your classes!**

Always keep important files stored in multiple locations. Having the only copy of an important file only on one computer or a thumbdrive could lead to data loss if that location gets corrupted or lost.

Our campus network drive, Myfiles.adams.edu, is backed up every evening by Computing Services. This drive is mapped automatically on any on campus computer and can be accessed anywhere through a web browser. For more information about using the network drive, please visit this link:

https://howto.adams.edu/index.php/Myfiles.adams.edu_-_Home_and_Shared_Network_Drives

All students also get unlimited storage on Google Drive! You can upload documents from any computer or mobile device and access them anywhere. For more information on using Google Drive please see the Google Drive Help Center at:

https://support.google.com/drive

If you need any assistance or have any questions please contact the Computing Services Helpdesk.

Thanks!

ASU Computing Services
computingservices@adams.edu
719-587-7741

Be ready for finals! – Tips from Computing Services

Finals week is here! Computing Services has a few helpful tips as we near the end of the semester.

**Please remember to backup any important documents that you might need for your classes!**

Always keep important files stored in multiple locations. Having the only copy of an important file only on one computer or a thumbdrive could lead to data loss if that location gets corrupted or lost.

Our campus network drive, Myfiles.adams.edu, is backed up every evening by Computing Services. This drive is mapped automatically on any on campus computer and can be accessed anywhere through a web browser. For more information about using the network drive, please visit this link:

https://howto.adams.edu/index.php/Myfiles.adams.edu_-_Home_and_Shared_Network_Drives

All students also get unlimited storage on Google Drive! You can upload documents from any computer or mobile device and access them anywhere. For more information on using Google Drive please see the Google Drive Help Center at:

https://support.google.com/drive

**Office 365 is free to all current students!**

You can install your free copy of Office 365 for Education on up to 5 personal devices. For installation instructions please visit our howto wiki:

http://howto.adams.edu/index.php/Office_365_Education_for_Students_and_Employees

**Phishing Email Attacks**

Adams State University student email accounts have again been the target of a phishing attack this week. Phishing emails are malicious emails where the attacker will pose as a legitimate organization to attempt to trick you into disclosing your personal information.

As a reminder, Computing Services will never ask for your username and password via email. If you do see a message asking for this information, please delete it without responding to the sender.

If you have responded to an email with your username and password please change your password immediately by going to www.adams.edu/onestop and clicking the ‘change your password’ link.

You can also report phishing through the web interface of Gmail.

On your computer:

Sign in to Gmail.
Open the message you would like to report.
At the top-right corner of the message, click the down arrow next to the ‘Reply’ button.
Select Report Phishing.

If you are unsure if an email is legitimate or not, please reach out to our Helpdesk at 719-587-7741 orcomputingservices@adams.edu

**Graduating? Make sure to sign up for an ASU Alumni Email Account!**

Your student account will remain active for 3 terms after you have been enrolled in a class. After you have not been enrolled for 3 terms your ASU student account will be deleted.

Our ASU graduates are eligible for a free Alumni Google Account! Computing Services can assist with copying any information stored in your student Google account to your alumni account.

Please see our Alumni website for instructions on requesting an Alumni email account:

http://www.adams.edu/alumni/emailfaq.php

If you need any assistance or have any questions please contact the Computing Services Helpdesk.

Thanks!

ASU Computing Services
computingservices@adams.edu
719-587-7741

Residence Halls Wifi Maintenance and phishing attack warning for students

Tomorrow (Tuesday, November 10th) beginning at 10:00 AM, Computing Services must perform maintenance on our wireless internet services in Coronado, Girault and the Residence at Rex. All wireless services are expected to be restored by 3:00 PM that afternoon. Although not anticipated, there is a small possibility that we encounter issues in performing the maintenance, which could cause us to need to finish the work on Wednesday and Thursday. We chose this time due to the fact that our wifi is utilized the least during these hours, as students are primarily in class during this time. We apologize for any inconvenience this may cause.

***Phishing attacks reported by students***

Adams State University student email accounts have again been the target of a phishing attack this week. Phishing emails are malicious emails where the attacker will pose as a legitimate organization to attempt to trick you into disclosing your personal information.

As a reminder, Computing Services will never ask for your username and password via email. If you do see a message asking for this information, please delete it without responding to the sender.

If you have responded to an email with your username and password please change your password immediately by going to www.adams.edu/onestop and clicking the “change your password” link.

You can also report phishing through the web interface of Gmail.

On your computer:

  1. Sign in to Gmail.
  2. Open the message you’d like to report.
  3. At the top-right corner of the message, click the down arrow next to the “Reply” button.
  4. Select Report Phishing.

If you are unsure if an email is legitimate or not, please reach out to our Helpdesk at 719-587-7741 or computingservices@adams.edu

Computing Services thanks you for your patience and understanding as we perform these critical maintenance activities. As always, if you have any questions, please call the ASU Computing Services Helpdesk at 7741 or contact us via email at computingservices@adams.edu

Computing Services

KnowBe4 Required IT Security Training for Faculty/Staff

Now that National Cyber Security Awareness Month has concluded, Computing Services is excited to kick off our security training for Faculty and Staff!

Cabinet has approved an updated IT Users Responsibility policy. The updated policy includes required IT Security training for any ASU faculty or staff member that has an account through Computing Services. The policy can be found here:

https://www.adams.edu/administration/computing/policies.php

Please watch for email reminders about the training from KnowBe4, our security training vendor. For more on the security training please see our how-to article:

http://howto.adams.edu/index.php/KnowBe4_Training

You can also register to take the training at:

training.knowbe4.com/signup

Make sure you enroll using your @adams.edu email address.

The training must be completed annually, this year’s deadline is May 20th, 2016. Please be sure to complete the security training prior to May 20th, 2016 to ensure you do not lose access to IT resources, such as email or Banner.

Last summer, Computing Services reported on the impact of Phishing and need for information security training on campus to Cabinet. Cabinet approved using phishing simulation tests to better educate our customers about phishing email attacks and charged Computing Services with making the IT security training mandatory for all individuals that use IT resources.

We have been conducting phishing simulation training since last fall. Over the course of the training we have seen click rate responses drop from 16% to  an average of 6.1%. However, we still have had a number of staff and student accounts compromised recently. In addition, we have had several malware attacks on individual workstations this semester. 127 individual computers have had malware removed by our antivirus solution in the last 6 months. 2 of those computers were infected with malware called CryptoWall, which encrypts files so they are unreadable.

Computing Services actively takes steps to secure campus networks and workstations, but a very crucial step to IT security is training the users of our resources how to identify and avoid attacks.

Remember, you can always check the Stay Safe Online NCSAM website for more information and tips year round!

www.staysafeonline.org/ncsam

ASU Computing Services

computingservices@adams.edu

719-587-7741

Don’t forget to like us on Facebook

www.facebook.com/ASUComputingServices

Tip #2 for National Cyber-Security Awareness month

We are now well into National Cyber Security Awareness Month. Remember, you can always check the Stay Safe Online NCSAM website for more information and tips!

www.staysafeonline.org/ncsam

Cyber security is all about keeping your information safe, including your financial and personal information. In addition to keeping it secure, it’s important to keep it backed up!

Ever lost your phone or tablet? Ever accidentally washed a flash drive, that just happened to have an important copy of a paper? There is even malware that will lock or corrupt important documents.

A backup is a second copy of all your important files — for example, your photos, videos, and documents. Instead of storing it all in one place (like your computer), make sure you keep another copy of everything somewhere safe.

All students have free storage space on our Adams State file server, which is backed up by Computing Services every night. In addition to being accessible in the student labs, you can access your files anywhere via a web browser or mobile app.

Check out our how-to on accessing myfiles.adams.edu:

http://goo.gl/6OSOG6

You can also store multiple copies of your files on Google Drive. All ASU students get 30 GB on their student Google Drive free.

drive.google.com

For more information and tips on backups, check out World Backup Day’s website:

http://www.worldbackupday.com/

If you would like more information on any of our services please let us know!

STOP.  Before you use the Internet, take time to understand the risks and learn how to spot potential problems.

THINK. Take a moment to be certain the path is clear ahead. Watch for warning signs and consider how your actions online could impact your safety, as well as your friend’s and family’s.

CONNECT. Enjoy the Internet with greater confidence, knowing you’ve taken the right steps to safeguard yourself and your computer.

ASU Computing Services

computingservices@adams.edu

719-587-7741

 

Don’t forget to like us on Facebook

www.facebook.com/ASUComputingServices

www.facebook.com/ASUResNet

Cyber-Security Awareness tidbit- International #2FactorTuesday!

As part of our month-long campaign to raise awareness about cyber-security, here is some information regarding two-factor authentication:

Many web services, including your Adams State Google account, allow account protection beyond a password that provides a second layer of security to your account. When logging into your account from an unrecognized device you will be prompted to verify your identity, usually with a verification code.

Why enable 2 factor authentication? It keeps anyone but you OUT of your account. Even if someone compromises your password they will be unable to access your account without the verification code.

StopThinkConnect.org has instructions on enabling 2 factor authentication for services likeGoogle, Facebook, Twitter, and more!

http://stopthinkconnect.org/2stepsahead/how-to-enable-2-step-authentication/

Share that you took action by using #2FA, #2FactorTuesday! and #CyberAware on social media.

Watch for more security tips from Computing Services this October during National Cyber Security Awareness Month!

Computing Services