Security

Students Targeted by Email Job Scams

CSU, Chico students are often targeted with scams promising jobs. Students have been scammed out of money or had campus accounts compromised by job-related phishing scams. ITSS recently used PhishMe to raise awareness of this type of scam. We modeled the PhishMe campaign after an actual job scam that had recently targeted CSU, Chico students.

The campaign used a “double barrel” format, in which an initial email references a forthcoming email to build trust. The second email then attempts to obtain account credentials or personal information for identity theft, or requests payment for materials needed for the fake job.

2.46% of CSU, Chico students were found by PhishMe to be susceptible to this type of scam and were redirected to educational phishing material. While this is lower than in previous campus PhishMe campaigns, it still leaves room for improvement. Be aware of emails that:

  1. Ask you to click on a link or open an attachment.
  2. Create a sense of urgency.
  3. Evoke strong emotions, like greed, jealousy, or fear.
  4. Request sensitive data.

CSU, Chico will never ask for passwords or other sensitive data via email. Always check the URL of the site you are visiting. In many instances, a phishing email will direct you to an imitation website that appears legitimate, but attempts to steal your password or other sensitive data.
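The URL check described above can be made concrete. The following Python is an added example, not an ITSS tool: it classifies a link by its real host name and shows the common ways an imitation address is made to look like a campus one. It assumes csuchico.edu is the only trusted domain; `check_link` is a hypothetical name, and every sample link that does not point to csuchico.edu is constructed.

```python
from urllib.parse import urlsplit

# Assumption: csuchico.edu is the only domain treated as legitimate here.
TRUSTED_DOMAIN = "csuchico.edu"


def check_link(url, trusted=TRUSTED_DOMAIN):
    """Return (is_trusted, reason) for a link found in an email."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return False, "malformed link"
    if parts.scheme not in ("http", "https") or not host:
        return False, "not a normal web link"
    if "@" in parts.netloc:
        # Text before '@' is a user name, not the site being visited.
        return False, "decoy text before '@'; real host is " + host
    if not host.isascii() or "xn--" in host:
        # Letters from other alphabets can imitate Latin ones.
        return False, "internationalized host name, possible look-alike letters"
    if host == trusted or host.endswith("." + trusted):
        return True, "host is " + host
    if trusted in host:
        # The browser goes to the right-most domain, not the familiar prefix.
        return False, "trusted name embedded in another domain: " + host
    return False, "unrelated host: " + host


# Constructed sample links (the first is a real campus URL from this page).
SAMPLE_LINKS = [
    "https://support.csuchico.edu/TDClient/Requests/ServiceDet?ID=8999",
    "https://csuchico.edu.portal-login.example/signin",
    "https://www.csuchico.edu@portal-login.example/signin",
    "https://www.csuchic\u043e.edu/signin",  # Cyrillic letter in place of 'o'
    "https://portal-login.example/csuchico.edu/signin",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        ok, reason = check_link(link)
        print("OK     " if ok else "SUSPECT", ascii(link), "-", reason)
```

Only the first sample is accepted; in the others the campus name appears somewhere in the address, but the host the browser actually contacts is not under csuchico.edu.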

ITSS has worked with Student Employment and the Career Center to collect actual job scam examples that have recently targeted CSU, Chico students:

job scam example

job scam example

If an email or job offer sounds too good to be true, it probably is. Most legitimate jobs do not require you to pay money or send personal information via email. Don’t hesitate to check with ITSS if you are unsure about the authenticity of an email you’ve received.

Security

Petya Ransomware Warning

The campus is aware of a new cyber-attack that is being reported widely in the news. The cyber-attack is called Petya, and it is primarily spread through phishing and old Windows software vulnerabilities.

The campus server, network, and desktop teams are actively monitoring and working to protect the campus from this attack.

What you need to know:

  • This attack targets the Windows operating system, not Mac OS or iOS. However, Mac OS and iOS devices can forward links and attachments which contain the attacking “malware.” Mac OS systems should run anti-virus/anti-malware software.
  • If you have a campus managed computer, your computer should have received the security patch for this attack in March.
  • Be very vigilant about opening email messages; phishing is the primary method of attack. More information about phishing: http://www.csuchico.edu/isec/basics/spam-and-phishing.shtml
  • If your computer reboots unexpectedly and acts uncharacteristically slow, or prompts you stating that “your files are no longer accessible,” turn off your computer and contact ITSS.
  • Make sure that you store your files on the campus Box instance or Bay file server. If your computer is compromised, your files will be permanently lost unless a backup exists.

What does “managed” mean, and how can I tell if my campus computer is managed?

Managed means that your workstation or server is configured to use the campus ITSS management system, SCCM. You can verify this by entering “Software Center” in the Start Menu search. Another sign is that your computer regularly notifies you that updates are being installed. If you believe that your campus computer is not managed, please contact ITSS.

What do you need to know for protecting your home or personal computer?

  • Make sure that your computer has the latest Microsoft patches installed.
  • Patch any other non-Microsoft software installed on your computer.
  • Make sure your files are backed up.
  • Make sure that you are running an anti-virus program that is receiving current updates.

More information about Petya ransomware is available at https://www.us-cert.gov/ncas/current-activity/2017/06/27/Multiple-Petya-Ransomware-Infections-Reported

Security, Wireless

Immediate Action Required: Eduroam Network Update

Changes are being made to the encryption infrastructure that secures the Eduroam network. Wireless devices require a configuration update to ensure uninterrupted network access. These changes are scheduled for April 11th. Failure to run the update in advance may result in an interruption of your Eduroam access.

Please log into your CSU, Chico Portal account and follow the “EDUROAM NETWORK UPDATE” instructions.

Please run this update on each of your mobile devices.  It should only take a few minutes of your time.

If you have questions or concerns, please submit a request at support.csuchico.edu or contact IT Support Services.

Security, Training

February Phishing Awareness Campaign

As part of a phishing awareness campaign, an email that mimicked a phishing email was sent to campus in February. About 8% of us who opened this email were found susceptible to phishing. This is lower than the 16% from a similar campaign in December. February’s campaign differed from December’s in that it linked to a page that asked for credentials to be entered, instead of just linking directly to educational material. Unfortunately, about half of those who clicked on the link then provided credentials. Had this been an actual phishing attempt, this would have allowed these accounts to be compromised and put the campus at risk.

Here is what the email looked like with some signs that it was not legitimate noted:

Clicking on the link in the email brought you to a login page. Here is what that page looked like with some signs that it was not legitimate noted:

Simulated Phishing Campaign Results

The simulated phishing campaign was broken into two groups: employees and students. If you are both an employee and a student you may have received two simulated phishing emails. Below you can see the results of this campaign.

Students

Employees

We are planning future phishing awareness campaigns, including more simulated phishing emails. We hope that improved awareness of the signs and dangers of phishing will reduce the number of compromised campus accounts and resources, and help protect campus data.

More information about phishing is available at http://www.csuchico.edu/isec/basics/spam-and-phishing.shtml

More information about the PhishMe simulated phishing tool is available at http://www.csuchico.edu/isec/tools_resources/phishme.shtml

Security

Handling Identity Finder Results

Identity Finder is a tool designed to locate confidential Level 1 data that may be stored on campus computers. To protect the privacy and confidentiality of our students and employees, it is important that all campus computers are scanned and the results are processed.

Identity Finder is run automatically on campus computers every month; however, you still need to “process” the results from the scan.

What you need to do:

  • Launch Identity Finder and set a password

The following article shows what to do if your Identity Finder password is lost (see Creating an Identity Finder Profile):

https://wiki.csuchico.edu/confluence/display/help/Running+Identity+Finder

  • Run Identity Finder and review or “process” your results.  Select Advanced

More information about the CSU, Chico Data Classification Standard can be found here:

http://www.csuchico.edu/isec/data_protection.shtml

Open a support ticket with ITSS if you have any questions or need assistance:

https://support.csuchico.edu/TDClient/Requests/ServiceDet?ID=8999

More information about Identity Finder is available at https://www.csuchico.edu/identityfinder

 

Security

Career Center Job Scam Warning

The Chico State Career Center sent this good advice about avoiding scams when job hunting:

Play it smart! As you search for the job of your dreams, keep the following in mind:

No legitimate employer will ever ask you to send or receive money on their behalf.

Do Not Respond to any job advertisement or offer that requires you to:

  • give your credit card or bank account numbers or copies of personal documents, but you get nothing in writing
  • send payment by wire service or courier
  • deposit checks or transfer money into your bank account
  • receive or process a large check

And in general, remember the old adage, “if it sounds too good to be true, it probably is.”  When in doubt, before you apply, contact the Career Center (SSC 270 or 530-898-5253), and we can help you determine if a particular job posting may in fact be a scam.  Even if you aren’t inclined to apply, please notify our office of any posting that seems suspicious to you.

We want to assure you that the majority of postings are legitimate. Success in the job market is often enhanced by applying to numerous postings, rather than just a select few. You should not be wary of applying to jobs in general; just keep the above guidelines in mind and, when in doubt, ask us!

For more information, please refer to the following links:

Chico State Information Security: http://www.csuchico.edu/isec/

FBI: https://www.ic3.gov/media/2017/170118.aspx

Chico State Career Center
Student Services Center 270
530-898-5253
JobCat Database
www.csuchico.edu/careers