Tag Archives: Alerts

ALERT: Phishing Emails From Valid Fordham Accounts

/* Font Definitions */
@font-face
{font-family:”Courier New”;
panose-1:2 7 3 9 2 2 5 2 4 4;
mso-font-charset:0;
mso-generic-font-family:auto;
mso-font-pitch:variable;
mso-font-signature:3 0 0 0 1 0;}
@font-face
{font-family:Times;
panose-1:2 0 5 0 0 0 0 0 0 0;
mso-font-charset:0;
mso-generic-font-family:auto;
mso-font-pitch:variable;
mso-font-signature:3 0 0 0 1 0;}
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;
mso-font-charset:2;
mso-generic-font-family:auto;
mso-font-pitch:variable;
mso-font-signature:0 268435456 0 0 -2147483648 0;}
@font-face
{font-family:”MS 明朝”;
panose-1:0 0 0 0 0 0 0 0 0 0;
mso-font-charset:128;
mso-generic-font-family:roman;
mso-font-format:other;
mso-font-pitch:fixed;
mso-font-signature:1 134676480 16 0 131072 0;}
@font-face
{font-family:”Cambria Math”;
panose-1:2 4 5 3 5 4 6 3 2 4;
mso-font-charset:1;
mso-generic-font-family:roman;
mso-font-format:other;
mso-font-pitch:variable;
mso-font-signature:0 0 0 0 0 0;}
@font-face
{font-family:Cambria;
panose-1:2 4 5 3 5 4 6 3 2 4;
mso-font-charset:0;
mso-generic-font-family:auto;
mso-font-pitch:variable;
mso-font-signature:3 0 0 0 1 0;}
@font-face
{font-family:”Helvetica Neue”;
panose-1:2 0 5 3 0 0 0 2 0 4;
mso-font-charset:0;
mso-generic-font-family:auto;
mso-font-pitch:variable;
mso-font-signature:-452984065 1342208475 16 0 1 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{mso-style-unhide:no;
mso-style-qformat:yes;
mso-style-parent:””;
margin:0in;
margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:Cambria;
mso-ascii-font-family:Cambria;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:”MS 明朝”;
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Cambria;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:”Times New Roman”;
mso-bidi-theme-font:minor-bidi;}
.MsoChpDefault
{mso-style-type:export-only;
mso-default-props:yes;
font-family:Cambria;
mso-ascii-font-family:Cambria;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:”MS 明朝”;
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Cambria;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:”Times New Roman”;
mso-bidi-theme-font:minor-bidi;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;
mso-header-margin:.5in;
mso-footer-margin:.5in;
mso-paper-source:0;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:773207994;
mso-list-template-ids:1301427876;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:”Courier New”;}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1
{mso-list-id:858547292;
mso-list-template-ids:-1219038246;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:”Courier New”;}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2
{mso-list-id:1429353724;
mso-list-template-ids:-844461730;}
@list l2:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:”Courier New”;}
@list l2:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3
{mso-list-id:1567371927;
mso-list-template-ids:-123844976;}
@list l3:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:”Courier New”;}
@list l3:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l4
{mso-list-id:1819296163;
mso-list-template-ids:1980814770;}
@list l4:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l4:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:”Courier New”;}
@list l4:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l4:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l4:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l4:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l4:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l4:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l4:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}

Photo by Jamal Kurshed
Phishing emails are being sent from
valid Fordham email accounts. These emails may appear to come from people you
know. In some cases, their names are used to sign the emails. A list below
shows the types of subjects commonly used in the phishing emails.

 These emails are NOT legitimate. They request recipients to “Click
here” or “View Document Here”  If you click on the
link, you are directed to a site asking you to log into your Google Gmail, or
even your Yahoo and AOL accounts.  

These sites are NOT legitimate. They are used to capture your usernames
(AccessIT IDs) and passwords. An attacker with this information can log into
your account and send phishing emails to everyone in your contact list.

We have seen phishing emails with the following subjects:

  • Update
  • New Doc
  • Important
  • Important Message
  • Important!!!
  • Yahoo Security Update
  • Your Yahoo Account Safety Is Our
    Top Priority

If
you believe you have received this phishing message, please do the
following: 

  • Do not respond to the message.
  • Do not click any links within the
    message.
  • Do not provide any information
    such as a username (AccessIT ID) and password.

If
you responded to the email and provided confidential information:

  • Contact Fordham IT Customer Care
    ASAP at 718-817-3999.
  • Manually reset your password and
    disconnect any active login sessions to your Gmail account.
  • Delete the message. 

Email
Security Tips:

  • NEVER give out your password to
    anyone, especially in an email. Fordham IT and any other reputable service
    provider will NEVER ask for your password or personal information via
    email.
  • NEVER provide personal or
    sensitive information in an email.
  • Do not click on links in emails.
    Enter valid website addresses into a browser manually.
  • Do not respond to suspicious
    emails. If you receive questionable or suspicious emails, contact IT
    Customer Care and allow the University Information Security Office (UISO)
    to validate the legitimacy of these emails.
  • Be wary of attachments, especially
    any you weren’t expecting. Send them to IT Customer Care and let the UISO
    scan them for you.
  • If an email looks fishy, it
    probably is a phishing email.
  • Do not be fooled by scare tactics
    threatening to cut off your email, expire your accounts, and so on. Go to
    the source (my.fordham, your bank, HR, etc.) and validate the claim, but
    do not rely on the information provided in the email.

Find
out more about phishing and online security:

  • Search our SecureIT blog to see if
    we have already identified a suspected email as a scam or a legitimate
    email: fordhamsecureit.blogspot.com. 
  • IT security topics are available
    on our IT Security website: www.fordham.edu/SecureIT 
  • Remember, Fordham IT and Fordham
    University will NEVER ask you for your password. If you believe you have received
    a suspicious email or phone call, please contact IT Customer Care for help
    at (718) 817-3999 or HelpIT@fordham.edu.

Critical Schannel Vulnerability Effecting All Versions Of Windows

Please be advised of a recently discovered vulnerability in SCHANNEL affecting ALL VERSIONS OF WINDOWS!

Description

The vulnerability can be used by an attacker for drive-by attacks to run code remotely and take over the user’s machine.  In these drive-by attacks, hackers install code on web sites which attempts to covertly install malicious code on the unprotected computers of visitors to the site. Users are typically led to these sites via phishing emails and other scams.

Further information regarding the details of the vulnerability:

http://www.theregister.co.uk/2014/11/12/driveby_unicorn_0day_beats_emet_affects_all_windows_versions/

Solution

A patch, MS14-066, released yesterday as part of Microsoft’s
Patch Tuesday remediates this issue for all supported versions of Windows. Please note, THIS DOES NOT INCLUDE WINDOWS XP! This security update is rated Critical for all supported releases of Microsoft Windows. If you have automatic updates turned on, you will get this new update without having to do anything.  If you haven’t turned on automatic updates, you should do so now.  Click the “Check for Updates” button on the Windows Update portion of your Control Panel.

The patch can be manually downloaded here:

https://technet.microsoft.com/library/security/MS14-066

Microsoft Releases Patch for Internet Explorer Vulnerability

Microsoft has released an update that patches the most recent Internet Explorer vulnerability for all versions of Windows. Although Windows XP is no longer supported, Microsoft has made and exception for this particular update. If you have automatic updates turned on, you will get this new update without having to do anything.  If you haven’t turned on automatic updates, you should do so now.  Click the “Check for Updates” button on the Windows Update portion of your Control Panel.

Further information: http://blogs.technet.com/b/microsoft_blog/archive/2014/05/01/updating-internet-explorer-and-driving-security.aspx

Internet Explorer Vulnerability Discovered

A new security flaw was found in all versions of Internet Explorer. Windows XP will most likely not be patched. Learn to protect yourself here: http://www.mashable.com/2014/04/28/internet-explorer-bug-how-to-protect/

If you have any questions please contact IT Customer Care at 718-817-3999 or via email: helpit@fordham.edu.

Update on the Heartbleed bug

Dear Colleagues and Students,
Recently a flaw, called the Heartbleed bug, was discovered in OpenSSL, a security method used on the Internet. Fordham IT is aware of the issue and our team is following best practices to ensure the security of Fordham’s systems and mitigate risk. 
We have no reason to believe that Fordham’s secure systems have been compromised. However, this vulnerability is not an isolated issue affecting the Fordham community. It affects your online life outside of Fordham, as well. The website Mashable has a list of potentially affected sites and actions you should take to protect your sensitive data: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
Be on the lookout for criminals requesting your password via phishing emails or websites that claim your information has been compromised. Criminals will take advantage of this opportunity to prey on fears about the Heartbleed bug. 
If you have questions, contact IT Customer Care at 718-817-3999 or HelpIT@fordham.edu. Follow us on Twitter for news and alerts: @FordhamIT.

Best,
Elizabeth

——————————-
Elizabeth Cornell, PhD
IT Communications Specialist
Fordham University | Fordham IT
@Fordham IT

Fordham IT Implements a New Password Expiration Initiative

Did you know that your AccessIT ID password is an integral aspect of Fordham IT’s online security program? Your password adheres to certain rules that make it complex enough to thwart the potential theft of sensitive information accessed through your Fordham account.
Passwords are often stolen when individuals accidentally respond to fraudulent requests for personal information. This is called a phishing attack and is the most common way for credentials like passwords and credit card information to be stolen. Sophisticated hacking techniques can steal many passwords at one time from large institutions. A password is not just an institution’s first line of defense against a cyber attack. It may also be the weakest link.
A victim of password theft might not discover that their password was stolen because it may not be used immediately. When a stolen password is used, however, it can wreak havoc on the lives of those affected and damage an institution’s reputation. That’s why changing passwords every now and then helps to limit the amount of time a stolen password remains useful.
To help keep personal information and other sensitive data as secure as possible, Fordham IT has implemented the Password Expiration Initiative. All AccessIT ID passwords are set to expire in Spring 2014 unless they are changed by individual users beforehand. Changing your password takes less than two minutes. Once you change your password, it will be set to expire again, in 180 days. (Be advised that the first time you attempt to access your Gmail from a mobile device after changing your password, you will be prompted to enter your new AccessIT ID password.)
Everyone is responsible for protecting Fordham’s systems. The Password Expiration Initiative is an important way for individuals to do their part and help Fordham IT fulfill its commitment to ensuring the online security of the entire campus community.
Please remember that Fordham IT will NEVER request passwords or other personal information via email. Messages requesting such information are fraudulent and should be reported to IT and then deleted. Fordham IT is committed to maintaining the integrity of the university’s online resources.
We can tell you more about the Password Expiration Initiative!
Visit our website http://www.fordham.edu/PWExpire to learn about
  • Town Hall dates and locations
  • Instructions for changing your password
  • Password complexity rules
Follow us on Twitter: @FordhamSecureIT

CryptoLocker

Those files on your computer important?  Thought so… beware of emails containing attachments, they could infect you with the ransomware, CryptoLocker, which will encrypt your files making them unretrievable.  Backup your computers, make sure you have Anti-Virus installed with the latest signatures, don’t fall for email scams and make sure you have the latest secure applications on your computers. 
For a copy of Symantec Endpoint Protection or for any IT security concerns, call or email Fordham IT Customer Care at 718-817-3999 or helpit@fordham.edu

For more information, watch this video from Sophos:
http://nakedsecurity.sophos.com/2013/10/18/cryptolocker-ransomware-see-how-it-works-learn-about-prevention-cleanup-and-recovery/

NEVER… Give out your password… NEVER!!!

NEVER!!!
Under no circustances should anyone ask you for a password nor should you provide your password.  This holds true for any in person, email or over the telephone communications.  Providing your password is a sure fire way to lead to infecting your computer or mobile device, personal and confidential data loss, and identity theft.
If you have any questions or concerns, please contact IT Customer Care at (718) 817-3999 or via email to: HelpIT@fordham.edu

Java based Malware – Learn how to pretect yourself

Summary:
Microsoft is offering advice on how to protect yourself from Java-based malware. The instructions are simple: either update it, disable it, or just uninstall it completely.

Global Payments: Data breach is contained | ZDNet

Keep those credit card statements handy and check ’em, check ’em often!!!

Global Payments: Data breach is contained ZDNet