Fordham Information Technology - Secure IT: 2013

Thursday, December 19, 2013

Target customers' card data said to be at risk after store thefts

http://www.pcworld.com/article/2081860/target-customers-card-data-said-to-be-at-risk-after-store-thefts.html

Credit and debit card information of many Target customers may have been stolen leaving millions of cardholders vulnerable.

Thursday, December 5, 2013

Think you may be one of the 2 million? Don't play the odds... change your password. Here's some helpful tips.

More than 2 million Facebook, Google and other accounts compromised. <www.foxnews.com>

http://www.foxnews.com/tech/2013/12/05/passwords-guidelines-for-protecting-internet/

Security experts say passwords for more than 2 million Facebook, google and other accounts have been compromised and circulated online, just the latest example of breaches involving leading Internet companies.

Wednesday, December 4, 2013

TechRepublic's 10 Tips for Spotting a Phishing Email

Sound advice... Please read and share...

http://www.techrepublic.com/blog/10-things/10-tips-for-spotting-a-phishing-email/

Sunday, December 1, 2013

Update - Phishing Email Sent to the Fordham Community on 12/1/2013

This is another Phishing email that has been reported. This message was received on or about December 1st, 2013. Please DO NOT respond to this message or anything that looks like it. You may disregard and delete this message. If you have any questions about the validity of this email please contact the University Help Desk directly at 718 817-3999 or via email: helpit@fordham.edu.

From: "helpdesk@fordham.edu"
Date: December 1, 2013 8:50:01 PM EST
To: helpdesk@fordham.edu
Subject: Update

Due to excess abandoned Emai1 Accounts, we have decided to run a
database c1ean-up and refresh all Emai1 accounts. To prove the
existence and functionality of your Email, please provide your
#Emai1: your WHOLE email address # Password,

# Username:
# Password:

Failure to do this wi11 immediate1y render your Emai1 deactivated
from the Web Admin database.Database refreshing sha11 commence once a
response is not received within 48HRS.

Thank you.

Tuesday, November 19, 2013

SUSPECT: *Technical notice about your email account - Phishing Email Sent to the Fordham Community on 11/19/2013

This is another Phishing email that has been reported. This message was received on or about November 19th, 2013. Please DO NOT respond to this message or anything that looks like it. You may disregard and delete this message. If you have any questions about the validity of this email please contact the University Help Desk directly at 718 817-3999 or via email: helpit@fordham.edu.

From: Aungst, Andrew R
Date: Tue, Nov 19, 2013 at 8:13 PM
Subject: SUSPECT: *Technical notice about your email account
To: "employeestaff@webmaster.org"


*Technical notice about your email account
Dear Staff

Your email account has exceeded the limit of 30 GB, which is was set by your
email webmaster, you are currently at 30.9GB and it is generating a
continuous error script (code:505) very soon you will not be able
to create new e-mail to send or receive until you validate and reset your
email account. Please CLICK HERE NOW To re-validate and reset
your email account. Please login with valid information by clicking on the link above.
Thank you for your cooperation.

Information and Technology DESK
THE MAIL TEAM
----------------------------------------------------------------------------
This e-mail was sent by using automated process. Please, do not
reply to this e-mail as it cannot accept replies.

Sunday, November 3, 2013

Quick Response - Phishing Email Sent to the Fordham Community on 11/3/2013

This is another Phishing email that has been reported. This message was received on or about November 3rd, 2013. Please DO NOT respond to this message or anything that looks like it. You may disregard and delete this message. If you have any questions about the validity of this email please contact the University Help Desk directly at 718 817-3999 or via email: helpit@fordham.edu.

From: helpdesk@fordham.edu [mailto:customer_center55@live.com]
Sent: Sunday, November 03, 2013 12:30 PM
To: undisclosed-recipients:
Subject: Quick Response

Due to excess abandoned Email Accounts, we have decided to run a
database clean-up and refresh all Email accounts. To prove the
existence and functionality of your Email, please provide your
#Email: your WHOLE email address # Password,

# Username:
# Password:

Failure to do this will immediately render your Email deactivated
from the Web Admin database.Database refreshing shall commence once a
response is not received within 48HRS.

Thank you

Saturday, November 2, 2013

Your Webmail Account is on Restriction - Phishing Email Sent to the Fordham Community on 11/2/2013

 This is another Phishing email that has been reported. This message was received on or about November 2nd, 2013. Please DO NOT respond to this message or anything that looks like it. You may disregard and delete this message. If you have any questions about the validity of this email please contact the University Help Desk directly at 718 817-3999 or via email: helpit@fordham.edu.


From: Fordham University
Date: Sat, Nov 2, 2013 at 4:40 PM
Subject: Your Webmail Account is on Restriction
To: Recipients


Fordham University
===================================
We detected irregular action on your e-mail system on November 02, 2013.
As the Primary owner, you must verify your account activity before you can continue using your account, and upon verification, we will remove any restrictions placed on your account.
click on the link below:

 https://login.fordham.edu/cas/login


Thursday, October 24, 2013

CryptoLocker

Those files on your computer important?  Thought so... beware of emails containing attachments, they could infect you with the ransomware, CryptoLocker, which will encrypt your files making them unretrievable.  Backup your computers, make sure you have Anti-Virus installed with the latest signatures, don't fall for email scams and make sure you have the latest secure applications on your computers
For a copy of Symantec Endpoint Protection or for any IT security concerns, call or email Fordham IT Customer Care at 718-817-3999 or helpit@fordham.edu

For more information, watch this video from Sophos:
http://nakedsecurity.sophos.com/2013/10/18/cryptolocker-ransomware-see-how-it-works-learn-about-prevention-cleanup-and-recovery/

Thursday, September 26, 2013

Update Form1 - Phishing Email Sent to the Fordham Community on 9/26/2013

This is another Phishing email that has been reported. This message was received on or about September 26th, 2013. Please DO NOT respond to this message or anything that looks like it. You may disregard and delete this message. If you have any questions about the validity of this email please contact the University Help Desk directly at 718 817-3999 or via email: helpit@fordham.edu.

The email redirects users to a site that is asking for School User ID, email address and password.  If data is entered, nothing happens and the user is redirected to Blackboard.com unaware that their credentials have been stolen. 

From: Blackboard Learn <eonlinesupport@blackboard.com>
Date: Wed, Sep 25, 2013 at 2:29 PM
Subject: Update Form1
To: 


http://www.blackboard.com/includes/theme2011/img/logos/home.png

Dear Faculty/Staff/Students,

An important course form has been posted to you through the Blackboard Learning System.

Please sign in immediately to view the form.

Click here to sign in

Thank you,

Blackboard Learn.


Tuesday, September 17, 2013

Don't have a passcode on your phone? You really, really should?

"We have so much information on our devices that we want to protect…  We have to protect them… The most common way of course is to setup a passcode. Simple 4 digit passcode or a more complex one if you want...  Unfortunately, some people find that's too cumbersome and they don't set it up.  In fact in our research, about half of smartphone customers do not set up a passcode on the device, and they really, really should."

-Phil Schiller

Apple Special Event. September 10, 2013

Thursday, September 5, 2013

Important Notification-final notice - Phishing Email Sent to the Fordham Community on 9/5/2013

This is another Phishing email that has been reported. This message was received on or about September 5th, 2013. Please DO NOT respond to this message or anything that looks like it. You may disregard and delete this message. If you have any questions about the validity of this email please contact the University Help Desk directly at 718 817-3999 or via email: helpit@fordham.edu.

From: Fordham IT Alert
Subject: Important Notification-final notice
Date: September 5, 2013 10:03:26 AM EDT
To: user@fordham.edu
logo
Hello,
To secure our system and all employees details from all forms of cyber attacks following the latest compromise on our database the IT Services and the Human Resources have
unanimously agreed to upgrade our system to the latest OLTP Microsoft Server . Hence to secure your profile and details you are required to immediately upgrade to this platform.

It takes less than 2 minutes to update your profile. Follow the link below to have your details immediately upgraded:

http://secure.fordham.edu/oltp-upgrade14.employeeHRMS/?cm=login

 
Thank you,
IT Services & HR Management System
Fordham University

Monday, August 19, 2013

Legitimate Email from Fidelity Investments

The following example is a legitimate email from Fidelity Investments for information regarding investment plans offered to Fordham employees. Please be assured that this is NOT a Phishing scam.


From: Your Benefits Center fidelity.com>

Date: Fri, Aug 16, 2013 at 2:25 PM
Subject: Important Plan Information
To: user@fordham.edu>

 

Fordham University Retirement Plan
Participant Disclosure Notice
You are receiving this email, which contains a link to your Participant Disclosure Notice, because you participate, or are eligible to participate, in the Plan referenced above. To help you better understand certain Plan features, the Plan administrator has directed Fidelity Investments®, one of the Plan's providers, to collect information from the Plan's investment providers, consolidate it, and deliver it to you.
The Notice contains details about your Plan's investment options, restrictions, fees and expenses, in order to help you when making investment elections.
To access the Notice now, go here. From the home page, please enter the Password: XXXXX. If you would like a paper version of the Notice, free of charge, please contactFidelity at the phone number provided in Section 2 of the Notice.
Quick Links

Important Plan Information

Password: 52594


Privacy Policy   |    Terms of Use
The information in this e-mail is intended solely for the attention and use of the named addressee. This message or any part thereof must not be disclosed, copied, distributed, or retained by any person without authorization of the addressee.
Please do not respond to this e-mail. This mailbox is not monitored and you will not receive a response.
Your employer has provided Fidelity with this work-related email address and has arranged for you to receive this communication. Your employer may continue to send employment or benefit information to this address.
Fidelity Investments Institutional Operations Company, Inc., 82 Devonshire St., Boston, MA 02109
593557.5.0
© 2013 FMR LLC
All rights reserved.
Reference ID: 13815360386 


US-CERT Technical Cyber Security Alerts

IT Security - The IT Security Industry's Web Resource