Phishing, Security

Campus Spearfishing Attack

Over the past two weeks Chico State has been specifically targeted by people who have analyzed our org chart and are crafting email attacks based on that data by creating bogus @gmail accounts and then emailing spearphishing attacks “from” a manager to their staff.

spearphishing example

If you reply to these emails they will ask you to purchase gift cards.

I will be having a busy day and I want to surprise some of the staffs with gift card. The type of card I need is steam wallet gift cards $100 denomination, I need $100 X 7 cards so that will be $700 i will be reimbursing back to you. You will purchase the cards from a nearby store to you, when you get the cards, Scratch out the back to reveal the card codes, take pictures of each cards and send it to me here. How soon

can you get that done? Its Urgent and I want you to keep the physical card safe with you cos I will get them from you later.

Once the scammer has the card codes they can take the money from the cards, even without physical access to the cards.

More information about phishing is available at https://www.csuchico.edu/isec/resources/avoid-threats/spam-phishing.shtml

Zoom

All Zoom Meetings Now Have a Password

Starting May 26th, Zoom automatically generates a password for all new Zoom meetings as well as Personal Meeting Rooms.

This includes:

  • Any time you select Schedule a New Meeting (whether it be through the Zoom portal, client, Outlook plugin, or Blackboard Learn).
  • Any time you choose Host a Meeting to start a non-scheduled, “instant” meeting.
  • Any time you use your Personal Meeting Room*.

Although it may sound alarming, these passwords are actually quite seamless. Zoom automatically encrypts the password and includes it in the Zoom Invite Link for attendees or, if you are using the Blackboard integration, through the Zoom Blackboard Learn link.

* If you use your Personal Meeting Room, please consider sending a new invite to attendees.

Telephone

Phone System Upgrades

Computing and Communications Services (CCSV) will be implementing a major upgrade to our campus voice solution, also known as the Avaya Private Branch Exchange (PBX), in the latter part of June 2020.

With this upgrade comes added flexibility for users, including the opportunity to transition to Software-based telephony, also known as a soft phone. A soft phone allows a user to answer their office extension from their desktop or laptop, regardless of location.

A migration strategy is being developed—one which may change as needs arise, and one which will be heavily informed by the University’s plan to return faculty, staff, and students to campus. CCSV will coordinate with each department to understand its specific telephony needs, and build a solution to best meet those needs.

This deployment is significant not only under the circumstances we find ourselves in during the COVID-19 pandemic, but also as a critical needs tool that will ensure business continuity for the University.

For more information and to view the projected timeline, please visit www.csuchico.edu/ccsv.

Wireless

Eduroam Wireless Certificate Update

Scheduled Change: 7:00 AM Tuesday, May 19th
Service Impacted: Eduroam Wireless

At 7:00 AM Tuesday, May 19th the security certificate for campus Eduroam wireless will be updated. This will require all wireless devices to be reconfigured before they can reconnect to Eduroam. You can reconfigure your wireless devices by going to www.csuchico.edu/eduroam and following instructions. If your device is not on campus you may get an error that says Eduroam is out of range, but the configuration will still be successful.

VPN

PulseSecure VPN Solution Retired May 30th

The PulseSecure VPN Solution will be retired as of May 30th, 2020. CSU, Chico has migrated to Palo Alto Networks GlobalProtect VPN as our VPN solution for remote access.

Most VPN users, and all campus managed computers, have already moved to GlobalProtect. If you require assistance getting set up for GlobalProtect, please contact IT Support Services (ITSS) at (530)898-HELP (4357).

For or more information on using VPN and installation instructions for the Global Protect VPN Client, please see: www.csuchico.edu/vpn