Home - Office and Services - Information Technology - Information Technology News
Information Technology News

Latest Posts

ITS ALERT: Phishing Email, November 11, 2014

By Peter Setlak on November 11, 2014

ACTION REQUIRED:  PHISHING EMAIL / SECURITY ALERT

OVERVIEW:

A phishing email trying to trick users into giving up their username and password has been reported. The email has the subject, “Failure to comply may result in the loss of your account within the next 24 hours.”.

WHO DOES THIS AFFECT?

Everyone on campus is urged to take caution when using email and to be aware that Colgate ITS will never ask for your username and password. Also, ITS will never ask you to update or confirm your email account via email due to congestion, deactivation or lack of use. Additionally, all users are urged to use strong passwords on all their accounts.

WHAT YOU SHOULD DO:  

1. Delete the email.
2. Never give out your username and password.
3. Never click on links in emails that are unsolicited.

If you have questions, need assistance, or replied to the email, please open a ticket with the help desk or call x7111.

To learn more about phishing and how to spot it, please visit http://colgate.edu/itsecurity/phishing

Thank you for your patience and cooperation.

To see a copy of this particular phishing email, continue reading.

Read more


FAQ: How do I get “Header Information” from an email?

By Peter Setlak on November 11, 2014

When working through email problems with ITS, you may be asked for the email’s header information. This information contains details used by the email servers to route your message from computer to computer and finally to your inbox. This information is useful to ITS staff in and essential for troubleshooting email delays or for finding the true origins of phishing emails. Below are four ways to gather this header information (sometimes called, “raw source”). Once you get the header info, you can cut and paste it into a trouble ticket or email the text itself to an ITS staff member assisting you with your problem. Read more


ITS ALERT: Phishing Email, October 31, 2014

By Peter Setlak on October 31, 2014

ACTION REQUIRED:  PHISHING EMAIL / SECURITY ALERT

OVERVIEW:

A phishing email trying to trick users into giving up their username and password has been reported. The email has the subject, “Failure to comply may result in the loss of your account within the next 24 hours.”.

WHO DOES THIS AFFECT?

Everyone on campus is urged to take caution when using email and to be aware that Colgate ITS will never ask for your username and password. Also, ITS will never ask you to update or confirm your email account via email due to congestion, deactivation or lack of use. Additionally, all users are urged to use strong passwords on all their accounts.

WHAT YOU SHOULD DO:  

1. Delete the email.
2. Never give out your username and password.
3. Never click on links in emails that are unsolicited.

If you have questions, need assistance, or replied to the email, please open a ticket with the help desk or call x7111.

To learn more about phishing and how to spot it, please visit http://colgate.edu/itsecurity/phishing

Thank you for your patience and cooperation.

To see a copy of this particular phishing email, continue reading.

Read more


ITS ALERT: Security Exploit Reported in emailed Microsoft PowerPoint (.ppt and .pptx) Documents, October 22, 2014

By Peter Setlak on October 22, 2014

ISSUE: Security Exploit Reported in emailed Microsoft PowerPoint (.ppt and .pptx) Documents

OVERVIEW:

A new exploit in Microsoft PowerPoint (.ppt and .pptx) documents being sent in phishing emails has been reported by Microsoft.  The exploit enables a hacker to remotely run programs on a computer.

WHO DOES THIS AFFECT?

Anyone using email and Microsoft PowerPoint in all versions of Windows.

WHAT YOU SHOULD DO:  

1. Always be careful when using email – never open attachments or click links in an unsolicited email.

For more information about this issue and additional things you can do to protect yourself from this exploit, please continue reading: Read more


ITS ALERT: Phishing Email, October 8, 2014

By Peter Setlak on October 8, 2014

ACTION REQUIRED:  PHISHING EMAIL / SECURITY ALERT

OVERVIEW:

A phishing email trying to trick users into giving up their username and password has been reported. The email has the subject, “Notices”.

WHO DOES THIS AFFECT?

Everyone on campus is urged to take caution when using email and to be aware that Colgate ITS will never ask for your username and password. Also, ITS will never ask you to update or confirm your email account via email due to congestion, deactivation or lack of use. Additionally, all users are urged to use strong passwords on all their accounts.

WHAT YOU SHOULD DO:  

1. Delete the email.
2. Never give out your username and password.
3. Never click on links in emails that are unsolicited.

If you have questions, need assistance, or replied to the email, please open a ticket with the help desk or call x7111.

To learn more about phishing and how to spot it, please visit http://colgate.edu/itsecurity/phishing

Thank you for your patience and cooperation.

To see a copy of this particular phishing email, continue reading.

Read more


ITS ALERT: Vulnerability in Apple Mac OS X, Linux and Unix-based Systems

By Peter Setlak on September 30, 2014

OVERVIEW:

On September, 24, 2014, US-CERT made public vulnerability in the Bourne-Again Shell (bash) found on nearly all Unix-based operating systems including Mac OS X and Linux. In response, ITS patched our public-facing systems and reached-out to staff and faculty running Linux. While waiting for current patches to be released by Apple, ITS took precautionary measures on the campus firewall to help block exploits. Apple has released their patch and ITS strongly recommends that all Unix-based systems, including Mac OS X, be patched.

WHO DOES THIS AFFECT?

Anyone running Mac OS X, Linux or Unix-based operating systems.

WHAT YOU SHOULD DO:  

Obtain and install patches for your operating system. Patches and/or information can be found here:

Apple Mac OS X (Lion) (Mountain Lion) (Mavericks)
Red Hat LinuxCentOS
DebianUbuntu

Package updates are also available for SUSE, FreeBSD and other Unix-based systems including Cygwin. For assistance obtaining patches for these and other Linux distributions, please contact ITS.

See more information about this issue, follow the links below:

https://www.us-cert.gov/ncas/current-activity/2014/09/24/Bourne-Again-Shell-Bash-Remote-Code-Execution-Vulnerability

http://support.apple.com/kb/HT1222

If you have questions or need assistance please open a ticket with the help desk or call x7111.

Thank you for your patience and cooperation.


ITS ALERT: Phishing Email, September 29, 2014

By Peter Setlak on September 29, 2014

ACTION REQUIRED:  PHISHING EMAIL / SECURITY ALERT

OVERVIEW:

A phishing email trying to trick users into giving up their username and password has been reported. The email claims to come from “Help Desk” and has the subject line of, “Failure to comply may result in the loss of your account within the next 24 hours.”

WHO DOES THIS AFFECT?

Everyone on campus is urged to take caution when using email and to be aware that Colgate ITS will never ask for your username and password. Also, ITS will never ask you to update or confirm your email account via email due to congestion, deactivation or lack of use. Additionally, all users are urged to use strong passwords on all their accounts.

WHAT YOU SHOULD DO:  

1. Delete the email.
2. Never give out your username and password.
3. Never click on links in emails that are unsolicited.

If you have questions, need assistance, or replied to the email, please open a ticket with the help desk or call x7111.

To learn more about phishing and how to spot it, please visit http://colgate.edu/itsecurity/phishing

Thank you for your patience and cooperation.

To see a copy of this particular phishing email, continue reading.

Read more


ITS ALERT: Phishing Email, September 18, 2014

By Peter Setlak on September 18, 2014

ACTION REQUIRED:  PHISHING EMAIL / SECURITY ALERT

OVERVIEW:

A phishing email trying to trick users into giving up their username and password has been reported. The email has no subject line and comes from “Webmaster”.

WHO DOES THIS AFFECT?

Everyone on campus is urged to take caution when using email and to be aware that Colgate ITS will never ask for your username and password. Also, ITS will never ask you to update or confirm your email account via email due to congestion, deactivation or lack of use. Additionally, all users are urged to use strong passwords on all their accounts.

WHAT YOU SHOULD DO:  

1. Delete the email.
2. Never give out your username and password.
3. Never click on links in emails that are unsolicited.

If you have questions, need assistance, or replied to the email, please open a ticket with the help desk or call x7111.

To learn more about phishing and how to spot it, please visit http://colgate.edu/itsecurity/phishing

Thank you for your patience and cooperation.

To see a copy of this particular phishing email, continue reading.

From: Webmaster <morrow@hope.edu>
Date: Thu, Sep 18, 2014 at 11:02 AM
Subject:
To:

Attn Web User.
   Your E-mail was Login from a different device, your account will be
  disabled as a result of multiple login if you do not validate, to validate your account,
Make sure you fill the correct data  to validate your account.
Support Webmaster
Copyright (C) 2014 System Admin.

Read more


ITS ALERT: JP Morgan Chase Phishing Email, August 25, 2014

By Peter Setlak on August 25, 2014

ACTION REQUIRED:  PHISHING EMAIL / SECURITY ALERT

OVERVIEW:

A phishing campaign against JP Morgan Chase customers is circulating the Internet. Please be extra vigilant when opening emails appearing to come from JP Morgan Chase.

WHO DOES THIS AFFECT?

All employees who are JP Morgan Chase card-holders.

WHAT YOU SHOULD DO:  

If you suspect that you have received one of these phishing emails, please do the following:

1. Open a ticket with the help desk.
2. Do NOT give out your username and password.
3. Do NOT click on any links in emails that are unsolicited.

If you have questions, need assistance, or replied to the email, please open a ticket with the help desk or call x7111.

To learn more about phishing and how to spot it, please visit http://colgate.edu/itsecurity/phishing

Thank you for your patience and cooperation.

To see an article showing a copy of this particular phishing email, please visit http://www.proofpoint.com/threatinsight/posts/smash-and-grab-jpmorgan.php


ITS ALERT: Phishing Email, August 9, 2014

By Peter Setlak on August 9, 2014

ACTION REQUIRED:  PHISHING EMAIL / SECURITY ALERT

OVERVIEW:

A phishing email trying to trick users into giving up their username and password has been reported. The email’s subject line is, “System Administrator”

WHO DOES THIS AFFECT?

Everyone on campus is urged to take caution when using email and to be aware that Colgate ITS will never ask for your username and password. Also, ITS will never ask you to update or confirm your email account via email due to congestion, deactivation or lack of use. Additionally, all users are urged to use strong passwords on all their accounts.

WHAT YOU SHOULD DO:  

1. Delete the email.
2. Never give out your username and password.
3. Never click on links in emails that are unsolicited.

If you have questions, need assistance, or replied to the email, please open a ticket with the help desk or call x7111.

To learn more about phishing and how to spot it, please visit http://colgate.edu/itsecurity/phishing

Thank you for your patience and cooperation.

To see a copy of this particular phishing email, continue reading. Read more

css.php