HeartBleed bug and Augsburg

You may recently have heard about Heartbleed, one of the biggest internet security flaws known. Essentially, it is a security flaw that makes many site passwords vulnerable.

While accounts at Augsburg have not been directly affected by HeartBleed, it is worth taking the precautionary measure of resetting passwords you use for social media sites such as Facebook, Instagram, Pinterest, and email accounts through services such as Yahoo and more.

It is especially important that departments and individuals who manage official social media accounts for the College (such as athletic and academic departments) change the passwords used for these sites.

IT staff further recommend that Augsburg accounts each have unique passwords. A best practice is to avoid using the same password for multiple sites. This situation clearly illustrates the risk.

A full list of all the sites known to have vulnerable password systems is available at http://www.cnet.com/how-to/which-sites-have-patched-the-heartbleed-bug/

Please contact your LFC if you have questions about resetting your password.

Posted in Security

Google: welcome to change

Where’s my apps menu?

oldmenu

Last week your menu looked something like above and now it looks something like below.  The apps menu (Search, Images, Mail, Drive, Calendar etc.) has been replaced with a new apps icon.

Screen Shot 2013-11-03

The apps icon is over on the right and is a menu of the apps available to you.  Click on the icon to see your apps and select the one you want.

New apps

 

Why did the menu change?

Google will be rolling out new features continually.  This is the new world we are working in.  The google platform of products will always be changing.  This change first came to gmail.com users (you might have seen this already on your personal gmail) and the education customers like ourselves soon follow.  Seeing a change in your gmail.com account is a good heads-up that it will be coming soon to your Augsburg gmail account as well.

To learn about why this changed you can read google’s help document here.  You can also read google’s official blog for news on upcoming google changes.

Posted in Google

On the road to Google

AuggiesGoGoogle

 

With the pilot long over, the first wave (the early birds!) moved to Google Apps for Education (GAE) almost 2 weeks ago.  We now have over 100 faculty and staff in GAE as well as about 300 students.  In less than a month everyone will be switched.

This is a good opportunity to point out some links to what’s coming in google apps.  One of the main new realities with GAE is that it will always be changing as google adds more features.  We won’t have control over when the new features appear.  They will just appear.  Get ready!

Google publishes its calendar of new features at http://whatsnew.googleapps.com/. For example, in the near future you’ll see

 

Posted in Google

Google pilots take flight

The information technology department has started to convert over to google as part of our pilot phase of the Google project.  I’ve been using Gmail for my Augsburg mail now for two days (I’ve used gmail.com for my personal email for a few years).  So far I’m really enjoying it.  I’m finding all of my mail tasks faster than in GroupWise and I find I can file messages away by using labels much much faster than I could in GroupWise with folders.  This will help me keep my inbox smaller which I really need to do!  I’ll see how I’m doing one week from now.

The next step is getting four pilot departments going:

  • Library
  • Math
  • Residence Life
  • TRiO/SSS

Those departments will be switching over in the next week.  We will use feedback from those departments to help inform the IT Advisory Group when they meet in April to decide on the move.  So far all the feedback from the brown bag sessions in December and January has been positive and many good questions were raised and added to the FAQ.

If you have any questions feel free to ask your LFC or the Techdesk.

Posted in Google

Phishing – when at first you succeed, try and try again

Let’s try again.

The phishing attack from about 2 weeks ago is back and it brought friends.  The email is nearly the same too.  The last attack did trick some people so they might have thought they’d try it again.  Here is the first email from today:

Screen shot 2013-02-25 at 8.23.21 AM

This time they fixed the typo.  Did you catch it last time?  I’ll review the phishy aspects of this email.  All of these are red flags that should make you suspicious.  If you feel suspicious then it is likely a scam and you can delete it.  Always feel free to ask us too.

  1. You are being asked to login and update your email address.
  2. The subject is pretty generic.
  3. The From is miami.edu and not augsburg.edu.
  4. The message is not TO: you, it is BC: (blind carbon copied) at you.
  5. If you clicked on the link (which you should not!) it goes to www.verderural.com.br which looks a bit odd.

Shortly after the above email another phishing email was sent that represents a more standard attack.

Screen shot 2013-02-25 at 10.21.01 AM

Let’s count the red flags.

  1. The subject is pretty generic.
  2. The From is info@security.com (not the IRS).
  3. There is an urgency to the message and it involves taxes.  Why would you need to visit a website about tax forms within 48 hours?
  4. The web address actually goes to a totally different website (see below).

About the web address.

Many email programs allow you to move your mouse over the link without clicking on it.  That way you can see where the link will go before clicking on it.  My GroupWise client shows the link at the bottom of the email window (shown below).  In both cases the actual destination is not the same as what the link appears to be in the email (big red flag).

Screen shot 2013-02-25 at 8.41.18 AM

Screen shot 2013-02-25 at 10.21.01 AM

This time I took a picture of the first login page before we blocked it on campus.  They made a copy of one of our web pages to try to fool you.

Screen shot 2013-02-25 at 8.17.29 AM

Even though the page doesn’t have any Augsburg logos it looks rather official.  But again, if you did click on the link (which you should not do!) notice the web address in the browser address bar at the top.  There is nothing there that looks familiar and the .br (Brazil!) should be a big red flag.

The second phishing email’s website is very very tricky. See below.

Capture2

Let’s see what red flags exist on this web page.

  1. The address in the address bar is .br (Brazil).  That should be a big red flag.
  2. The web page is asking for your Social Security Number and birth date.  Those should set off your alarms right away.  Those two pieces of information are critical to your personal information security.  You should never be entering those online in response to an email.  Those two pieces of information are the keys that gain entry into your whole personal financial world — guard them like they are made of gold.

What should I do if I did enter my password?

  1. The first thing you should do is go change your password on Inside Augsburg.
  2. Don’t worry if you can’t login to change your password — try to use the “Forgot password” link to reset it.
  3. If you can’t reset it just call the Tech Desk or your LFC to get your account unlocked.  If you gave up your password, it is very likely that they are already sending spam, and Augsburg IT will detect the 100s of emails being sent and will have changed your password to lock out the phishing attacker.
  4. After you have changed your password be sure to update your phone and other mobile devices with the new password.

And to illustrate again, here is another student video this time from CalPoly Pomona.

Posted in Security

Phishing – emails that try to get your password

What is phishing?

We just had an aggressive phishing attack on the campus.  What is phishing you ask?  It doesn’t mean salmon or cod are trying to get into our classes.  Phishing is when someone is trying to trick you into giving up personal information (username, password, financial info) by pretending to be someone else.  There is “bait” to “lure” you in.  They often use that info to take over your email account to send spam but sometimes may try to get at your personal information and financial accounts.

How to recognize phishing?

There is not a perfect test to recognize phishing but you can look out for these red flags.  Also, if something seems suspicious it’s probably a scam and you should just delete the message.

  • You are being asked for your login, password, or being directed to go to a page and login.
  • The message seems to come from out of the blue.
  • The message is poorly written or has spelling errors.
  • It is telling you this is urgent, important, you will lose access if you don’t act now.  They are trying to scare you.
  • The From: doesn’t match the content of the message.  Keep in mind the From: can be made to be anything (just like postal mail, I can send you a letter and put the from to be “President of the United States.”).
  • If you do click on the link (though we recommend you do not) be sure to look at the address in the address bar.
  • Augsburg IT will not ask you for your password and will generally not ask you to login to a website.

Let’s look at the recent phishing email and see how many red flags it raises.

Screen shot 2013-02-13 at 8.42.45 AM

  1. You are being asked to login and update your email address.
  2. The subject is pretty generic.
  3. There is a typo (can you spot it?).
  4. The From is wisc.edu and not augsburg.edu.
  5. If you clicked on the link it goes to alldayivebeenthinking.com/wp-content/themes/augsburg.edu.htm which looks a bit odd.
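The red flags listed in this post and in the follow-up post above (From domain, missing To:, and a link whose real destination differs from what it displays) can be checked mechanically. The sketch below is an added example, not Augsburg IT's own tooling; the sample message is constructed, the sender local part and the displayed link text are assumptions, and only a single-part HTML body is handled.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = "augsburg.edu"  # campus domain named in the posts
# Constructed sample: sender domain and link target are the ones the post lists.
SAMPLE = (
    "From: Help Desk <helpdesk@wisc.edu>\nSubject: Update your email account\n"
    "Content-Type: text/html\n\n"
    '<p>Please log in at <a href="http://alldayivebeenthinking.com/wp-content/'
    'themes/augsburg.edu.htm">www.augsburg.edu/update</a></p>\n'
)

class LinkCollector(HTMLParser):
    # Collects (href, visible text) for every <a> element.
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    # Only the hostname decides where a link goes; a path may contain anything.
    return (urlsplit(url if "://" in url else "http://" + url).hostname or "").lower()

def in_domain(host, domain=TRUSTED):
    # Exact match or a true subdomain; "augsburg.edu.example" does not count.
    return host == domain or host.endswith("." + domain)

def red_flags(raw_message):
    msg = message_from_string(raw_message)  # assumes a single-part HTML body
    flags = []
    if not in_domain(parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()):
        flags.append("from-not-campus")
    if not msg.get("To"):  # recipients were blind-copied
        flags.append("not-addressed-to-you")
    parser = LinkCollector()
    parser.feed(msg.get_payload())
    for href, text in parser.links:
        dest = host_of(href)
        if not in_domain(dest):
            flags.append("link-leaves-campus:" + dest)
        # Visible text that looks like a URL but names a different host.
        if "." in text and " " not in text and host_of(text) != dest:
            flags.append("text-hides-destination:" + dest)
    return flags
```

Note that the sample link contains "augsburg.edu" only in its path, so the hostname comparison still reports it as leaving campus.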

What should I do if I did enter my password?

  1. The first thing you should do is go change your password on Inside Augsburg.
  2. Don’t worry if you can’t login to change your password — try to use the “Forgot password” link to reset it.
  3. If you can’t reset it just call the Tech Desk or your LFC to get your account unlocked.  If you gave up your password, it is very likely that they are already sending spam, and Augsburg IT will detect the 100s of emails being sent and will have changed your password to lock out the phishing attacker.
  4. After you have changed your password be sure to update your phone and other mobile devices with the new password.

This video by students at Cabrillo College will help you remember to watch out next time.

Posted in Security