Home - Office and Services - Information Technology - Information Technology News
Information Technology News

Latest Posts

Can Colgate ban Yik Yak?

By Ellen Holm on February 19, 2015

Like any website or Internet-based service, Colgate could use firewalls to block users of our network from accessing Yik Yak. Decisions to block access to any service or website are made extremely carefully – balancing security needs with the protection of privacy and freedom in education. Additionally, blocking Yik Yak would not preclude individuals from accessing and posting to Yik Yak through other means.

Several colleges have blocked Yik Yak from their networks, including Utica College and Augustana College, but posts continue. Yik Yak requires a mobile device with an Internet connection and presence within a geographic area. When Yik Yak does not have a successful wifi connection, it will automatically flip to use the mobile device’s cellular signal to ‘yak’ within an area.  In other words, anyone in the area with an active mobile Internet connection can post to Yik Yak without using our wifi. ‘Yakkers’ need not even be Colgate students, staff or faculty. For these reasons, even when other colleges have blocked Yik Yak, the posts have continued with individuals ‘yakking’ through the cellular network.

If you see a post that threatens physical violence on Yik Yak or through other online activity, please preserve the information through a screen capture of the post and note the time you viewed the post. For e-mail, please preserve the e-mail. To report a threat, please call Campus Safety through the emergency line (x7911) or through the routine line (x7333).

 


ITS ALERT: Phishing Email, February 17, 2015

By Peter Setlak on February 17, 2015

ACTION REQUIRED:  PHISHING EMAIL / SECURITY ALERT

OVERVIEW:

A phishing email has been reported. The email has the subject, “Review Documents”

WHO DOES THIS AFFECT?

Everyone on campus is urged to take caution when using email.

WHAT YOU SHOULD DO:  

1. Delete the email.

2. Never give out your username and password.

3. Never click on links in emails that are unsolicited.

If you have questions, need assistance, or replied to the email, please open a ticket with the help desk or call x7111.

To learn more about phishing and how to spot it, please visit http://colgate.edu/itsecurity/phishing

Thank you for your patience and cooperation.

To see a copy of this particular phishing email, continue reading.

Read more


ITS ALERT: Phishing Email, February 12, 2015

By Peter Setlak on February 12, 2015

ACTION REQUIRED:  PHISHING EMAIL / SECURITY ALERT

OVERVIEW:

A phishing email has been reported. The email has the subject, “Failure to comply may result in the loss of your account within the next 24 hours.”

WHO DOES THIS AFFECT?

Everyone on campus is urged to take caution when using email.

WHAT YOU SHOULD DO:  

1. Delete the email.

2. Never give out your username and password.

3. Never click on links in emails that are unsolicited.

If you have questions, need assistance, or replied to the email, please open a ticket with the help desk or call x7111.

To learn more about phishing and how to spot it, please visit http://colgate.edu/itsecurity/phishing

Thank you for your patience and cooperation.

To see a copy of this particular phishing email, continue reading.

Read more


ITS ALERT: Phishing Email, December 23, 2014

By Peter Setlak on December 23, 2014

ACTION REQUIRED:  PHISHING EMAIL / SECURITY ALERT

OVERVIEW:

A phishing email has been reported. The email has the subject, “Brian Has sent you a Document,” and is made to look like a file shared through Google Drive.

WHO DOES THIS AFFECT?

Everyone on campus is urged to take caution when using email.

WHAT YOU SHOULD DO:  

1. Delete the email. 2. Never give out your username and password. 3. Never click on links in emails that are unsolicited. If you have questions, need assistance, or replied to the email, please open a ticket with the help desk or call x7111.

To learn more about phishing and how to spot it, please visit http://colgate.edu/itsecurity/phishing

Thank you for your patience and cooperation.

To see a copy of this particular phishing email, continue reading.

Read more


Can Colgate Identify Yaks and Email?

By Peter Setlak on December 10, 2014

Can Yaks be tracked back to an individual if they are using Colgate’s network?

If a user or Colgate has a concern about the content of a post, we can work with law enforcement who, with additional information, can determine whether they have enough information to issue a subpoena to Yik Yak.

On their website, Yik Yak states: “When Yik Yak receives a request for user account information from a government agency investigating criminal activity, the Yik Yak team reviews each request to be sure that it satisfies all legal requirements. Yik Yak’s legal policy can be viewed here:http://www.yikyakapp.com/legal.

ITS can log registered devices that access Yik Yak from Colgate’s network; however, all of the communications are encrypted and the contents are unreadable. We may be able to see what devices are accessing the application, but we cannot distinguish between Yaks, updates, views, and votes. Due to the volume of use at Colgate, there are often multiple simultaneous connections at any given moment, so specific actions (posts, updates, views, votes, etc.) cannot be tied to an individual user based on our logs alone.

Can Colgate track the sender of an email?

Colgate can only accurately track the origin of emails sent using university email accounts.  Since the university issues all @colgate.edu accounts, we can easily identify the sender. Colgate performs investigations involving email and other forms of electronic communications only in accordance with its Stewardship and Custodianship of Email policy.

If a user sends an email from a provider such as Google, Yahoo or Outlook.com, we can only track it back to the service – not to the sender. Even though Colgate utilizes the Google platform as our email service provider, we do not have any access to user information for Google accounts created outside of our Colgate domain.

Outside email providers are protective of their users’ identity, and will only disclose user information as result of a subpoena, search warrant or court order from law enforcement officials. As one example, here is a quick video showing how Google responds to requests for user’s information.

 


ITS ALERT: Phishing Email, December 1, 2014

By Peter Setlak on December 1, 2014

ACTION REQUIRED:  PHISHING EMAIL / SECURITY ALERT

OVERVIEW:

A phishing email trying to trick users into giving up their username and password has been reported. The email has the subject, “Your mailbox is almost full.”.

WHO DOES THIS AFFECT?

Everyone on campus is urged to take caution when using email and to be aware that Colgate ITS will never ask for your username and password. Also, ITS will never ask you to update or confirm your email account via email due to congestion, deactivation or lack of use. Additionally, all users are urged to use strong passwords on all their accounts.

WHAT YOU SHOULD DO:  

1. Delete the email.
2. Never give out your username and password.
3. Never click on links in emails that are unsolicited.

If you have questions, need assistance, or replied to the email, please open a ticket with the help desk or call x7111.

To learn more about phishing and how to spot it, please visit http://colgate.edu/itsecurity/phishing

Thank you for your patience and cooperation.

To see a copy of this particular phishing email, continue reading.

Read more


ITS ALERT: Phishing Email, November 11, 2014

By Peter Setlak on November 11, 2014

ACTION REQUIRED:  PHISHING EMAIL / SECURITY ALERT

OVERVIEW:

A phishing email trying to trick users into giving up their username and password has been reported. The email has the subject, “Failure to comply may result in the loss of your account within the next 24 hours.”.

WHO DOES THIS AFFECT?

Everyone on campus is urged to take caution when using email and to be aware that Colgate ITS will never ask for your username and password. Also, ITS will never ask you to update or confirm your email account via email due to congestion, deactivation or lack of use. Additionally, all users are urged to use strong passwords on all their accounts.

WHAT YOU SHOULD DO:  

1. Delete the email.
2. Never give out your username and password.
3. Never click on links in emails that are unsolicited.

If you have questions, need assistance, or replied to the email, please open a ticket with the help desk or call x7111.

To learn more about phishing and how to spot it, please visit http://colgate.edu/itsecurity/phishing

Thank you for your patience and cooperation.

To see a copy of this particular phishing email, continue reading.

Read more


FAQ: How do I get “Header Information” from an email?

By Peter Setlak on November 11, 2014

When working through email problems with ITS, you may be asked for the email’s header information. This information contains details used by the email servers to route your message from computer to computer and finally to your inbox. This information is useful to ITS staff in and essential for troubleshooting email delays or for finding the true origins of phishing emails. Below are four ways to gather this header information (sometimes called, “raw source”). Once you get the header info, you can cut and paste it into a trouble ticket or email the text itself to an ITS staff member assisting you with your problem. Read more


ITS ALERT: Phishing Email, October 31, 2014

By Peter Setlak on October 31, 2014

ACTION REQUIRED:  PHISHING EMAIL / SECURITY ALERT

OVERVIEW:

A phishing email trying to trick users into giving up their username and password has been reported. The email has the subject, “Failure to comply may result in the loss of your account within the next 24 hours.”.

WHO DOES THIS AFFECT?

Everyone on campus is urged to take caution when using email and to be aware that Colgate ITS will never ask for your username and password. Also, ITS will never ask you to update or confirm your email account via email due to congestion, deactivation or lack of use. Additionally, all users are urged to use strong passwords on all their accounts.

WHAT YOU SHOULD DO:  

1. Delete the email.
2. Never give out your username and password.
3. Never click on links in emails that are unsolicited.

If you have questions, need assistance, or replied to the email, please open a ticket with the help desk or call x7111.

To learn more about phishing and how to spot it, please visit http://colgate.edu/itsecurity/phishing

Thank you for your patience and cooperation.

To see a copy of this particular phishing email, continue reading.

Read more


ITS ALERT: Security Exploit Reported in emailed Microsoft PowerPoint (.ppt and .pptx) Documents, October 22, 2014

By Peter Setlak on October 22, 2014

ISSUE: Security Exploit Reported in emailed Microsoft PowerPoint (.ppt and .pptx) Documents

OVERVIEW:

A new exploit in Microsoft PowerPoint (.ppt and .pptx) documents being sent in phishing emails has been reported by Microsoft.  The exploit enables a hacker to remotely run programs on a computer.

WHO DOES THIS AFFECT?

Anyone using email and Microsoft PowerPoint in all versions of Windows.

WHAT YOU SHOULD DO:  

1. Always be careful when using email – never open attachments or click links in an unsolicited email.

For more information about this issue and additional things you can do to protect yourself from this exploit, please continue reading: Read more

css.php