Author Archives: Gregory Rivas

please call asap – Spam Email Sent to the Fordham Community on 11/30/2016

This is a Spam email that has been reported. This message was
received on or about November 30th, 2016. Please DO NOT respond to this
message or anything that looks like it. You may disregard and delete
this message. If you have any questions about the validity of this email
please contact IT Customer Care at 718-817-3999 or via email:
helpit@fordham.edu.

——————–Begin Message ——————————
From: “Performance SLC” <slc@performanceslc.org>
Date: Fri, Nov 4, 2016 at 12:48 PM
Subject: please call asap
To: user@fordham.edu

Dear User,

Records indicate you have inquired in the past for student loan relief. You may now meet the new criteria for a student loan forgiveness program which may include loan consolidation into one new low payment, monthly payment deferments, loan discharge, or even complete loan forgiveness.

We are an A-rated BBB accredited agency, that offers graduated students help with a money back guarantee. You won’t pay us anything unless we complete your enrollment, and your call-in consultation does not cost you anything either.

Connect with a specialist now at  888-870-6120

It only takes a few minutes to find out your options. Call our direct line, and be instantly connected without waiting on hold between the hours of 7 AM- 6 PM PST(Pacific Standard).

Sincerely,

Performance SLC
888-870-6120

17748 Sky Park Cir.
#150
Irvine CA 92612
USA

To unsubscribe or change subscriber options visit: (LINK HERE)

—————————–End Message —————

Webmail Filter Activity- Phishing Email Sent to the Fordham Community on 11/04/2016

This is a Phishing email that has been reported. This message was
received on or about November 4th, 2016. Please DO NOT respond to this
message or anything that looks like it. You may disregard and delete
this message. If you have any questions about the validity of this email
please contact IT Customer Care at 718-817-3999 or via email:
helpit@fordham.edu.

——————–Begin Message ——————————
From:  Candelaria, Marcella U <candelaria_mar@aps.edu>
Date: Fri, Nov 4, 2016 at 12:48 PM
Subject: Webmail Filter Activity
To: user@fordham.edu

Please note that your Mailbox Filter is not active. Kindly Update Now to get new mails. (LINK HERE)

Thank you,

Candelaria Marcella

ITS support for Faculty and Staff

—————————–End Message —————

Article: Free Tools to Remove Ransomware Infections From Your PC

“Ransomware, a variety of malware which encrypts user files and demands payment in return for a key, has become a major threat to businesses and the average user alike.

Coming in a variety of forms, ransomware most often compromises PCs through phishing campaigns and fraudulent emails. Once a PC is infected, the malware will encrypt, move, and potentially delete files, before throwing up a landing page demanding a ransom in Bitcoin.

Demands for payment can range from a few to thousands of dollars. However, giving in and paying the fee not only further funds the development and use of this malware, but there is no guarantee any decryption keys given in return will work.

It is estimated that ransomware attacks cost more than $1 billion per year.

The No More Ransom Project, launched by the National High Tech Crime Unit of the Netherlands’ police, Europol, Kaspersky, and Intel Security, is a hub for victims to find out how to remove infections — and how to prevent themselves becoming infected in the future.

Unfortunately, not every type of ransomware has been cracked by research teams. Time and vulnerabilities which can be exploited by cybersecurity experts are required, and so some ransomware families do not have a solution beyond wiping your system clean and using backup data.

However, researchers are cracking more types of ransomware every month and there are a number of tools available which give victims some hope to retrieve their files.

The No More Ransom Project offers a quick way to find out what sort of ransomware is on your PC . Alternatively, the Malware Hunter Team runs the ID Ransomware online service which can also be used to identify infections.”

You can find a range of tools and software made available by researchers to scour your PC clean of the most common types of infection as well as links to the the No More Ransom Project and Malware Hunter Team’s ID Ransomware online service in the article.

Source:http://www.zdnet.com/article/remove-ransomware-infections-from-your-pc-using-these-free-tools/

Tip #13 Pay Attention to Permissions and Privacy Policies

android_app_permissions

Application permissions on your mobile devices grant an application access to certain information or functions of your phone. When you install an application you are usually greeted with a pop up listing all the permissions the application requests access to. Such permissions include the ability to access your device’s storage and place phone calls. While many simply click through to get the application up and running, it is important to consider what the application is requesting access to and if it is entirely necessary.

If an application is requesting permissions that do not fit the functions of the application (i.e. “find accounts on this device” and “modify your contacts, read your contacts” for an application that only changes your background photo) consider denying the permission to the application. Be cognizant of the applications you download to your device and ensure it is doing only what you intend it to do.

The same principle applies to privacy policies. Though many choose to gloss over them, it is prudent to see how certain information is used, especially in regards to social media sites and applications that require permissions to your information.  Make sure you are comfortable with what that information will be used for and how the information is stored.

Alert: Notice of McAfee Class Action Settlement Email

This is an questionable email that has been reported. This message was
received on or about October 12th, 2016. It is advised that you DO NOT respond to this message or anything that looks like it. You may disregard and delete
this message if you did not use the product listed. If you have any questions about the validity of this email please contact IT Customer Care at 718-817-3999 or via email:helpit@fordham.edu.

——————–Begin Message ——————————
From: McAfee Class Action Settlement Claims Administrator <administrator@qgemail.com>
Date: Wed, Oct 12, 2016 at 9:20 AM
Subject: Notice of McAfee Class Action Settlement.
To: user@fordham.edu

Personal Identification #: #########
Confirmation Code: #######
Class Action Settlement Notice
If you bought McAfee or Intel Security software between January 10, 2010 and February 10, 2015, you may be entitled to benefits from a class action settlement.
You must file a Cash Election Form to receive a cash payment.
To file a Cash Election Form, click here.
Read this notice carefully, as it affects your rights.
For more information, visit www.McAfeeWilliamsonSettlement.com or call 1-844-343-1478
WHAT IS THIS CASE ABOUT? Two consumers filed class action lawsuits saying that McAfee engaged in certain unfair practices about auto-renewal charges and the advertising of discounts and reference prices. McAfee denies that it did anything wrong. The settlement is not an admission of wrongdoing.
WHO IS INCLUDED? You are in the “Auto-Renewal Class” if you are in the United States and you: (1) were charged by McAfee for the auto-renewal of any McAfee or Intel Security software from January 10, 2010 to February 10, 2015; (2) your first auto-renewal charge was at a higher price than the price you paid McAfee for your initial software subscription; and (3) that auto-renewal charge was not fully refunded to you by McAfee or fully credited to you on your credit or debit card.
You are in the “Reference Price Class” if you are in the United States and: (1) you purchased from McAfee or manually renewed through McAfee a subscription for any McAfee or Intel Security software from January 10, 2010 to February 10, 2015, and (2) you paid a discounted price for that purchase or manual renewal.
If you received this notice, you have been identified as being in the Auto-Renewal Class, based on McAfee’s records.
WHAT DOES THE SETTLEMENT PROVIDE? McAfee has agreed to provide an $11.50 settlement benefit to all class members in the Auto-Renewal Class. You can elect to receive the $11.50 settlement benefit as cash, but only if you file a Cash Election Form by no later than December 23, 2016. Eligible class members who don’t file a Cash Election Form will instead receive an $11.50 McAfee value certificate good towards the purchase of McAfee or Intel Security consumer products. In addition, McAfee has agreed to implement certain practice changes concerning auto-renewal transactions and pricing advertisements. For more information, visit www.McAfeeWilliamsonSettlement.com.
HOW DO I RECEIVE A CASH PAYMENT? You must file a Cash Election Form to receive a cash payment. There are two ways to file a Cash Election Form: (1) File online, at www.McAfeeWilliamsonSettlement.com; or (2) Print a Cash Election Form, available at www.McAfeeWilliamsonSettlement.com, fill it out, and mail it (with postage) to the address listed on the Cash Election Form. Cash Election Forms must be filed online or postmarked by December 23, 2016. If you file online, you can choose to receive the cash payment as a check or as a direct credit to your PayPal account. For Cash Election Forms filed by mail, cash payments will be made by check. Only eligible class members will receive payments.
YOUR OTHER OPTIONS. If you don’t want to receive a cash payment or other settlement benefits and don’t want to be bound by the settlement and any judgment in this case, you must send a written request to exclude yourself from one or both classes, postmarked no later than November 28, 2016. If you exclude yourself, you will not receive benefits from the settlement. If you don’t exclude yourself, you will give up the right to sue McAfee and related entities about any of the issues related to this case. If you don’t exclude yourself, you may object to the settlement or to the request for fees and costs by Class Counsel. The detailed class notice, available at www.McAfeeWilliamsonSettlement.com, explains how to exclude yourself or object. The Court will hold a hearing in the case (Williamson v. McAfee, Inc., Case No. 14 cv 158 EJD; Kirby v. McAfee, Inc., Case No. 14 cv 2475 EJD) on January 26, 2017 at 10:00 a.m., to consider whether to approve: (1) the settlement; (2) attorneys’ fees and costs of up to $2,400,000 for Class Counsel, to be paid by McAfee in addition to the benefits provided to class members; and (3) service awards of $1,250 each for the two class representatives in this case. You may appear at the hearing, but you don’t have to. The Court has appointed attorneys (called “Class Counsel”) to represent the class members. These attorneys are listed in the detailed class notice. You may hire your own attorney to appear for you, but if you do so, it will be at your own expense.
WHERE CAN I GET MORE INFORMATION? For more information, visit
www.McAfeeWilliamsonSettlement.com or call
1-844-343-1478.
A federal court authorized this notice. This isn’t a solicitation from a lawyer. You aren’t being sued.
Unsubscribe
——————–End Message ——————————

Tip #7 Secure Your Accounts

Multi Factor

Sometimes just a password is not enough to protect your account. Multi-factor authentication provides an additional layer of protection to your accounts and information. Methods of implementing this protection includes the use of a key or code generated by an automated system, an app that expires after a certain amount of time, and security questions.

This ensures that if your password is compromised, an attacker will not be able to get into the associated account easily. They will need a given key or code, as mentioned above, in order to complete the login.

Popular services and websites that utilize multi-factor authentication include:

  • Google
  • Apple
  • Facebook
  • Twitter
  • Steam
  • Dropbox
  • LinkedIn

An example of multi-factor authentication used by Google is the addition of a code that is texted to you after the initial login. If the machine from which the login is taking place is not one that was used recently, the additional layer of security is implemented. Unless the attacker has your phone as well,  your account will remain inaccessible.

This is not a sure-fire solution though as some websites will email you the code, and if you reuse the same password for your email and the attacker was able to get into your email account, then the additional layer of security is moot.

Consider utilizing protection beyond a username and password. Many other websites now offer additional ways to protect your information and accounts. Also make sure you do not reuse passwords for multiple accounts to further strengthen the security on your accounts.

Receipt ###-### – Malicious Email With Attachment Sent to the Fordham Community on 09/29/2016

This is a Malicious email that has been reported. This message was
received on or about September 29th, 2016. Please DO NOT respond to this
message or anything that looks like it. You may disregard and delete
this message. If you have any questions about the validity of this email
please contact IT Customer Care at 718-817-3999 or via email:
helpit@fordham.edu.

——————–Begin Message ——————————

From: User_Name@gmail.com
Date: Thurs, Sept 29, 2016 at 6:46AM
To: user@fordham.edu
Subject: Receipt ###-###

*There is no body to this message only an attached file titled “Receipt”. The file is confirmed to be malicious.*

——————–End Message ——————————

Article: 500 Million Yahoo Accounts Stolen

“Yahoo confirmed on Thursday data “associated with at least 500 million user accounts” have been stolen in what may be one of the largest cybersecurity breaches ever.

The company said it believes a “state-sponsored actor” was behind the data breach, meaning an individual acting on behalf of a government. The breach is said to have occurred in late 2014.

“The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers,” Yahoo said in a statement.

Yahoo urges users to change their password and security questions and to review their accounts for suspicious activity.

The silver lining for users — if there is one — is that sensitive financial data like bank account numbers and credit card data are not believed to be included in the stolen information, according to Yahoo.

Yahoo is working with law enforcement to learn more about the breach.

“The FBI is aware of the intrusion and investigating the matter,” an FBI spokesperson said. “We take these types of breaches very seriously and will determine how this occurred and who is responsible. We will continue to work with the private sector and share information so they can safeguard their systems against the actions of persistent cyber criminals.”

A large-scale data breach was first rumored in August when a hacker who goes by the name of “Peace” claimed to be selling data from 200 million Yahoo users online. The same hacker has previously claimed to sell stolen accounts from LinkedIn  and MySpace.

Yahoo originally said it was “aware of a claim” and was investigating the situation. Nearly two months later, it turns out the situation is even worse.

“This is massive,” said cybersecurity expert Per Thorsheim on the scale of the hack. “It will cause ripples online for years to come.”

U.S. Sen. Richard Blumenthal called for tougher legislation to “make sure companies are properly and promptly notifying consumers when their data has been compromised.”

“If Yahoo knew about the hack as early as August, and failed to coordinate with law enforcement, taking this long to confirm the breach is a blatant betrayal of their users’ trust,” he said in a statement.

Here are steps to take to secure your online accounts.

Change passwords often

Yahoo is asking anyone who hasn’t changed their password since 2014 to update it. This is good advice for everyone: Passwords should be changed often. You won’t always get a timely notice from a company that an account was compromised — and sometimes it might not even know about a hack until much later. In this case, it took two years for the company to confirm the breach.

Never use the same password twice

Never use the same password twice. If hackers get the password for one of your online accounts, they can try to use it to access your other accounts that take the same credentials.

Pick better passwords

Consider using a phrase instead of single words that are more easily guessed. Don’t go for common phrases like cliches: Pick a combination of words that don’t go together — i.e. rather than “herecomesthesun,” go for something like “wombatbootsparade”.

Avoid using common passwords like 1-2-3-4-5-6 or p-a-s-s-w-o-r-d, and include a mixture of numbers, letters and characters.

Update those security questions

If you forget a password, using security questions is an easy way to gain access back into your own account — its not like you’ll ever forget your mom’s maiden name. But some Yahoo security answers and questions were a part of the breach. The company has already disabled any unencrypted security answers on its accounts.

If you frequently use the same security questions and answers for other online accounts, you’ll want to change those, as well. Attackers could use the information taken from Yahoo to obtain access to other online accounts that contain even more sensitive information.

Avoid choosing the obvious questions and don’t provide answers that are easy to find online through Google searches, social media sites or old Live Journal entries.

Be alert

The company is urging users to look through their Yahoo accounts (email, calendar, groups, etc.) for any signs of suspicious activity. Although it doesn’t say what to look for, start by checking outgoing emails.

Be extra careful about clicking on links or opening downloads from unknown email addresses. If anyone emails asking for your password, it’s a red flag — even if it looks like it’s coming from a legitimate place like Yahoo or a bank. Never share any account information or passwords over email.”

Sources: http://money.cnn.com/2016/09/22/technology/yahoo-data-breach/

http://money.cnn.com/2016/09/22/technology/yahoo-hack-password-tips/index.html?iid=SF_LN

 

FYI – Phishing Email Sent to the Fordham Community on 08/29/2016

This is a Phishing email that has been reported. This message was
received on or about August 29th, 2016. Please DO NOT respond to this
message or anything that looks like it. You may disregard and delete
this message. If you have any questions about the validity of this email
please contact IT Customer Care at 718-817-3999 or via email:
helpit@fordham.edu.

——————–Begin Message ——————————
From:  Denise Nethaway <dnetha01@baker.edu>
Date: Mon, Aug 29, 2016 at 12:48 PM
Subject: FYI
To: user@fordham.edu

hello,

See the below vital docs i sent to you
>> Documents (<—LINK HERE)
Best Regards
Thanks

—————————–End Message —————

see documents – Phishing Email Sent to the Fordham Community on 08/25/2016

This is a Phishing email that has been reported. This message was
received on or about August 25th, 2016. Please DO NOT respond to this
message or anything that looks like it. You may disregard and delete
this message. If you have any questions about the validity of this email
please contact IT Customer Care at 718-817-3999 or via email:
helpit@fordham.edu.

——————–Begin Message ——————————
From: user@fordham.edu
Date: Thurs, Aug 25, 2016 at 12:56 PM
Subject: see documents
To: user@fordham.edu
Hi

See below the confidential document i sent
>>> File (LINK HERE)
Best regards
Thanks

—————————–End Message —————