Security

Beware of Scams and Phishing Attempts

To: Campus Community
From: Ray Quinto, Information Security Officer

The Information Security Office would like to remind you to be vigilant of scam emails and postings, especially as there may be an increase in fake job offers or rental listings following the Camp Fire.

Scams

Beware of unsolicited emails with offers or requests that seem odd or suspicious, such as those that offer a work-from-home job with high pay for little work, ask you to purchase a number of iTunes gift cards and send a picture of the numbers, or tell you to “contact me” in some urgent fashion. You may see similar postings on sites like Craigslist offering apartments or houses with surprisingly low rent. Sophisticated hackers can even spoof email addresses to make a message look like it’s coming from someone you know.

Treat anything odd as untrustworthy and do your best to verify the sender, company, or offer by phone or in person before acting on a request—hackers may control the sending email address and respond in ways that seem appropriate to get you to fall for the scam.

Remember, if an offer sounds too good to be true, it probably is.

Phishing

One of the most serious cyber-security risks facing the campus comes from phishing email messages. Phishing is the use of email in an attempt to steal personal information or hijack computing resources for fraud and identity theft, usually by having the user click a link that takes them to a familiar-looking login screen where information entered will be captured by the hacker. When employees and students are tricked into giving up their user name and password, criminals may gain access to campus systems and/or your personal information.

  • If you suspect an email is a phishing attack, you should delete it. Look for unfamiliar sender addresses, poor grammar or spelling, and a false sense of urgency, and hover over links to verify the URL they’re sending you to. View more tips for spotting phishing attempts.
  • If you are unsure of an email’s legitimacy, verbally confirm with the sender, or you can consult IT Support Services.
  • Do not click on links or open attachments in a suspicious email.
  • If you suspect that you have fallen victim to a phishing scam, you should immediately go to the CSU, Chico Portal (portal.csuchico.edu) and reset your password.

Remember, Chico State will NEVER ask for your password via email.

Everyone with an email address is a potential target for phishing or scams. We work diligently to keep these types of emails from getting through our security, but it is a daily and sometimes hourly battle. The campus will continue to make improvements to security technology (including 2-Step Verification), but the best defense against these attacks isn’t just technology, it’s learning how to spot and delete phishing and scam emails. For resources and tips, visit the ISEC website.

Security

Wired Funds Scams

IT Support Services and the California State University, Chico Police Department would like to remind students and employees to be on the lookout for email scams that sometimes involve the wiring of funds.

If you receive an unsolicited email, or an unusual check accompanied by a letter, requesting that funds be wired to the solicitor through a money wiring service, do not respond by telephone or email and do not provide the solicitor with any of your personal information. The solicitation may be for employment, the purchase of iTunes and other gift cards, or for the completion of a survey.

These email schemes have been used worldwide and are examples of scams used to defraud people of their money. If something sounds too good to be true, it probably is.

To learn more about this and other scams, please review the following online resources:

FBI
fbi.gov/scams-and-safety/common-fraud-schemes/advance-fee-schemes

Federal Trade Commission
consumer.ftc.gov/articles/0159-fake-checks

U.S. Department of Treasury
occ.gov/news-issuances/consumer-advisories/2007/consumer-advisory-2007-1.html

Security

REVIEW DOCMENT Phishing

Campus was recently targeted by a phishing attack posing as a DocuSign email.

If you received this email, please delete it without clicking on any links. If you clicked on the link and provided your credentials, your account has been compromised. If you suspect your account was compromised, you should immediately go to Account Center in the CSU, Chico Portal and reset your password.

Email, Security

Campus Targeted Phishing Email

We received multiple reports this morning of the following phishing email targeting the campus:

The following actions were immediately taken:

  • The sending account was disabled
  • Microsoft also blocked the sending account
  • The link URL was blocked on campus
  • The link URL was reported to Palo Alto Networks to be blocked off campus

If you received this email, please delete it without clicking on any links. If you clicked on the link and provided your credentials, your account has been compromised. If you suspect your account was compromised, you should immediately go to Account Center in the CSU, Chico Portal and reset your password.

There were a few indicators that this was a phishing email:

  • Poor grammar and punctuation
  • Unusual “From” address
  • Non-campus URL link (see the screenshot below).

If you are unsure of the validity of an email, you can hover your mouse over any links without clicking on them to see the URL. A URL that does not match the content of the email should be considered suspicious.

Security, Workstations

June Desktop Security Updates Approved for Campus Computers

The majority of campus Windows desktops will have updates sent to them in the next day or so. For security reasons, campus computers are given an installation deadline for monthly patches. The installation deadline this month is Thursday, June 28th at 5:00 PM. On Thursday at 5:00 PM, if you have not installed this month’s patches, they will automatically begin installing, and when done, may reboot your computer. If your computer is off at the time of the deadline, updates will begin installing the next time you log in, and when done, may reboot your computer.

We highly recommend that you install the patches as soon as you are prompted to do so, before the installation deadline. This way, you can be present when the computer needs to restart and you have more control over the restart timing, allowing you to save any open work. If you ignore the update messages you run the risk of updates being applied while you are not present and potentially having your computer restart and possibly even losing unsaved work.

In addition to Microsoft updates, there may be updates for Adobe Flash, Google Chrome, Mozilla Firefox, Oracle Java, and other 3rd party applications. These updates will require you to close all your browser windows. Please save any work in your browsers before doing so.

Security, Workstations

May Desktop Security Updates Approved for Campus Computers

The majority of campus Windows desktops will have updates sent to them in the next day or so. For security reasons, campus computers are given an installation deadline for monthly patches. The installation deadline this month is Thursday, May 24th at 5:00 PM. On Thursday at 5:00 PM, if you have not installed this month’s patches, they will automatically begin installing, and when done, may reboot your computer. If your computer is off at the time of the deadline, updates will begin installing the next time you log in, and when done, may reboot your computer.

We highly recommend that you install the patches as soon as you are prompted to do so, before the installation deadline. This way, you can be present when the computer needs to restart and you have more control over the restart timing, allowing you to save any open work. If you ignore the update messages you run the risk of updates being applied while you are not present and potentially having your computer restart and possibly even losing unsaved work.

In addition to Microsoft updates, there may be updates for Adobe Flash, Google Chrome, Mozilla Firefox, Oracle Java, and other 3rd party applications. These updates will require you to close all your browser windows. Please save any work in your browsers before doing so.

Security, Wireless

Eduroam Wireless Update

We have made updates to our Eduroam wireless configuration that will make it more secure for all users on campus. The new settings will ensure your connectivity is uninterrupted when you return in the fall, and also avoid extra steps whenever you change your password.

It’s easy to update, but you need to be on campus to make the changes.

  1. Connect to the “csuchico” wireless network
  2. Launch a browser and go to www.csuchico.edu/eduroam
  3. Click on the “SignIn” or “JoinNow” button and follow the prompts