Phishy Emails

Posted on April 10, 2012 by Bryan McLaughlin

Creighton is seeing a large increase of phishing emails.  We are aware of bogus Verizon bills and Apple Store order acknowledgments, be cautious of any emails that appear to be suspicious.  The easiest and safest way to identify these emails as bogus is to hover your mouse pointer over the embedded links in the emails, if the links are not from the purported vendor then you know the email is bogus and you can simply delete the message.

As always, if an email looks “phishy” forward the suspicious emails to abuse@creighton.edu and we will help you verify the veracity of the email.

Here are some examples of the phishing messages we are seeing:

 

Share

Posted in email, exchange, phishing, social engineering | Leave a comment

Changes to VPN (and CUWireless)

Posted on March 19, 2012 by Adam Schumacher

Effective June 1st, 2012, DoIT will be decommissioning the current Cisco VPN system.  It has been replaced by a newer one that is available for use now.  You will need to uninstall the existing vpn client and install the new AnyConnect client located at https://cuvpn1.creighton.edu (only accessible from off-campus).  If you are using the vpn from a creighton owned laptop or workstation, you should contact your IT support person, or the service desk (@ 280.1111 OR servicedesk@creighton.edu) to have them take care of it for you.

With the new system, a few changes will be occurring.  Primary among them is that the new system uses a technology called “Split tunneling”.  What this means is that any traffic destined for Creighton will go through the VPN.  Any traffic that is destined for the internet will go directly out to the internet as it would have without the VPN turned on.  This helps save bandwidth for the University as we don’t have to route that traffic through our network before sending it back out to the internet.  It also means a faster, better experience for you since your traffic can go more directly to its destination.

Another change is occurring that will impact both the VPN and CUWireless.  We will be restricting access to only active netid/guestid accounts.  If you are using some kind of generic or service account to log in to the VPN or CUWireless, this will no longer work after April 20th, 2012.

As always, if you have any questions, please contact the service desk by calling 402.280.1111 or emailing servicedesk@creighton.edu

Share
Posted in vpn, wireless | Leave a comment

Tax Season Woes

Posted on January 26, 2012 by Adam Schumacher

Another tax season is upon us and it isn’t just the IRS out to get your money.  Scammers and phishers are looking to trick people into giving up their personal information or downloading files containing malicious software.  Remember, as always, be aware of suspicious links and requests via email (especially), but also over the phone and regular old postal mail too!  The IRS doesn’t need to ask for (and won’t!) any more personal information to process your tax returns or distribute your refund.  You already gave them what they needed when you filed.

You can get more information from the IRS themselves at the irs.gov site.  They even have a helpful youtube video [or see below].

Share
Posted in email, phishing | Leave a comment

Be Safe and Happy Holidays

Posted on December 23, 2011 by Adam Schumacher

The holiday season is a great time for gathering with friends and family and experiencing all the joys of the sacred.  Unfortunately, its also a great time for scammers, phishers, and hackers to take advantage of individuals who will be looking for deals when shopping or traveling.

Remember to never click on links or download unexpected attachments in emails.  No reputable retailer is going to ask you to enter personal or account information as a response to an email.  Avoid fraudulent or unscrupulous sites by directly navigating to trusted online retailers (ex, by typing www.amazon.com directly in your browser).

Be safe and Happy Holidays from the DoIT Security Office!!

Share
Posted in social engineering | Leave a comment

Be careful on Cyber Monday

Posted on November 28, 2011 by Adam Schumacher

Yay! It is the year’s #1 shopping day for those of you who didn’t feel the need to brave the mace-wielding crowds on Black Friday.  Retailers across the internet have stepped up the marketing and deals in an attempt to draw what analysts suspect will be a record breaking day.  However, that also means the criminals and miscreants will be out in force too, trying to trick unsuspecting shoppers into giving up their personal information or hard-earned money in fradulent or malicious schemes.  Here are some tips to keep you safe today:

1) Don’t click links in unsolicited emails!  Avoid fake phishing emails sending you to fraudulent copies of real sites by typing the urls into the browser directly by hand.  At least verify that the email link is legitimate before you click it.  (You can check links in outlook or entourage by hovering over them with your mouse before clicking on them.)

2) Make sure you are at the REAL (amazon.com, ebay.com, half.com, etc.) site before you start entering your personal information.  Also, you will want to check that the site is using SSL to keep the information protected as its sent across the internet (most browsers will display a locked padlock or highlight the URL of a site using SSL).

3) Remember that legitimate retailers (this goes for banks and yes, even Creighton) will NEVER ask for your personal or account information via an unsolicited email or phone call.

Share
Posted in social engineering | Leave a comment

AMI now on your mobile phone!

Posted on October 19, 2011 by Adam Schumacher

This past weekend, AMI was updated to be easily accessible from your Droid, iPhone/iPod Touch, and Windows Mobile 7 (v7.5 and up) devices!  That means you can search for people, update your directory information, and change or reset your blue password on the go!  Just fire up the browser on your phone, point it to the usual url (https://ami.creighton.edu), and give it a whirl!

Share
Posted in ami, mobile | Leave a comment

Welcome to Cybersecurity Awareness Month!

Posted on October 3, 2011 by Adam Schumacher

October is cybersecurity awareness month.  That means its a good time to review my top three security tips and best-practices.

1) A good password is often the only thing standing between your confidential data and people you don’t want seeing that data.  Choose a good, strong password, and change it regularly

1.1) Don’t use the same password everywhere.  Just like you have different keys for your house, your car, and your office, you should have a different password for different services/applications.

2) Patch. Patch. Patch. Not only does your operating system have vulnerabilities (yes even Macs and Linux!), but your most used applications do also.  Adobe flash, Acrobat, and firefox/chrome/IE are all very important to keep updated.  Most malware could have been prevented by a properly patched computer.

3) Backup your important documents.  That computer you bought in 2001 isn’t going to last forever, and if you wait till it dies before getting a new one, you could be looking at re-writing your thesis from scratch.  Ouch.  At the very least you could burn your My Documents folder to a CD/DVD every once in a while.  Or get an external HD and some backup software.

Share
Posted in tips | Leave a comment

Blocking Remote Desktop (3389)

Posted on September 8, 2011 by Adam Schumacher

At noon today, port 3389 will be blocked for both on- and off-campus communication.  This port is most commonly used for Windows remote desktop protocol.  We are taking this measure to help prevent the proliferation of a recent worm, Morto, that uses this protocol to spread.  This block will NOT affect VPN users.  If you are currently connecting to a computer from off campus, you will need to be sure to use the VPN client, which you can get (if you are already off-campus) from https://cuvpn1.creighton.edu.

One other thing to note is that this worm (currently) uses a brute-force mechanism to log in using a pre-defined list of passwords.  As such, the best prevention is to make sure you have a strong password for all of your accounts.

Share
Posted in changes, firewall | Leave a comment

SSL Certificate Suspension

Posted on September 7, 2011 by Adam Schumacher

Due to recent claims of a security breach, GlobalSign (the company that we get our SSL certs from) has temporarily ceased issuing new certificates while they investigate.  No new or renewal certificates will be available until they lift the suspension.  We will be monitoring the situation and let campus know when anything changes.  Another company, DigiNotar, was recently breached by the same hacker, causing all of their certificates to become un-trusted.  As a result, we have to take this threat seriously.

Share
Posted in breaches, ssl | Leave a comment

The Enigma of Facebook security

Posted on August 22, 2011 by Adam Schumacher

Worried about the privacy or security of your information out on Facebook?  Maybe you’ve read something about some change Facebook has made to “improve” security?  Or, maybe you’ve heard something on the news about all the issues with privacy and Facebook?  Well, even if this post is your first encounter with the subject,  there is some good news for you.  A couple of security professionals got together and wrote a nice guide to better help people understand their options and get a better handle on the privacy controls available to them.  You should check it out!

Share
Posted in tips | Leave a comment