Email, Security

Campus Targeted Phishing Email

We received multiple reports this morning of the following phishing email targeting the campus:

The following actions were immediately taken:

  • The sending account was disabled
  • Microsoft also blocked the sending account
  • The link URL was blocked on campus
  • The link URL was reported to Palo Alto Networks to be blocked off campus

If you received this email please delete it without clicking on any links. If you clicked on the link and provided your credentials your account has been compromised. If you suspect your account was compromised you should immediately go to Account Center in the CSU, Chico Portal and reset your password.

There were a few indicators that this was a phishing email:

  • Poor grammar and punctuation
  • Unusual “From” address
  • Non-campus URL link (see the screenshot below).

If you are unsure of the validity of an email you can hover your mouse over any links without clicking on them to see the URL. A URL that does not match the content of the email should be considered suspicious.

Security, Workstations

June Desktop Security Updates Approved for Campus Computers

The majority of campus Windows desktops will have updates sent to them in the next day or so. For security reasons, campus computers are given an installation deadline for monthly patches. The installation deadline this month is Thursday, June 28th at 5:00 PM. On Thursday at 5:00 PM, if you have not installed this month’s patches, they will automatically begin installing, and when done, may reboot your computer. If your computer is off at the time of the deadline, updates will begin installing the next time you log in, and when done, may reboot your computer.

 We highly recommend that you install the patches as soon as you are prompted to do so, before the installation deadline. This way, you can be present when the computer needs to restart and you have more control over the restart timing, allowing you to save any open work. If you ignore the update messages you run the risk of updates being applied while you are not present and potentially having your computer restart and possibly even losing unsaved work.

In addition to Microsoft updates, there may be updates for Adobe Flash, Google Chrome, Mozilla Firefox, Oracle Java, and other 3rd party applications. These updates will require you to close all your browser windows. Please save any work in your browsers before doing so.

Security, Workstations

May Desktop Security Updates Approved for Campus Computers

The majority of campus Windows desktops will have updates sent to them in the next day or so. For security reasons, campus computers are given an installation deadline for monthly patches. The installation deadline this month is Thursday, May 24th at 5:00 PM. On Thursday at 5:00 PM, if you have not installed this month’s patches, they will automatically begin installing, and when done, may reboot your computer. If your computer is off at the time of the deadline, updates will begin installing the next time you log in, and when done, may reboot your computer.

We highly recommend that you install the patches as soon as you are prompted to do so, before the installation deadline. This way, you can be present when the computer needs to restart and you have more control over the restart timing, allowing you to save any open work. If you ignore the update messages you run the risk of updates being applied while you are not present and potentially having your computer restart and possibly even losing unsaved work.

In addition to Microsoft updates, there may be updates for Adobe Flash, Google Chrome, Mozilla Firefox, Oracle Java, and other 3rd party applications. These updates will require you to close all your browser windows. Please save any work in your browsers before doing so.

Security, Wireless

Eduroam Wireless Update

We have made updates to our Eduroam wireless configuration that will make it more secure for all users on campus. The new settings will ensure your connectivity is uninterrupted when you return in the fall, and also avoid extra steps whenever you change your password.

It’s easy to update, but you need to be on campus to make the changes.

  1. Connect to “csuchico” wireless network
  2. Launch a browser and go to www.csuchico.edu/eduroam
  3. Click on the “SignIn” or “JoinNow” button and follow the prompts
Security, Workstations

April Desktop Security Updates Approved for Campus Computers

The majority of campus Windows desktops will have updates sent to them in the next day or so. For security reasons, campus computers are given an installation deadline for monthly patches. The installation deadline this month is Thursday, April 26th at 5:00 PM. On Thursday at 5:00 PM, if you have not installed this month’s patches, they will automatically begin installing, and when done, may reboot your computer. If your computer is off at the time of the deadline, updates will begin installing the next time you log in, and when done, may reboot your computer.

 We highly recommend that you install the patches as soon as you are prompted to do so, before the installation deadline. This way, you can be present when the computer needs to restart and you have more control over the restart timing, allowing you to save any open work. If you ignore the update messages you run the risk of updates being applied while you are not present and potentially having your computer restart and possibly even losing unsaved work.

In addition to Microsoft updates, there may be updates for Adobe Flash, Google Chrome, Mozilla Firefox, Oracle Java, and other 3rd party applications. These updates will require you to close all your browser windows. Please save any work in your browsers before doing so.

Email, Security

Campus Phishing Emails

Campus employees have received multiple phishing attempts this week that appear to be from other campus employees.

The attacker is impersonating high profile accounts, and is attempting to initiate a conversation that would likely lead to a request for information or include a malicious link/attachment. An example of the fraudulent email is included below.

Please delete these emails, do not click any links within the message, and do not respond.

More information about spam and phishing scams is available at http://www.csuchico.edu/isec/basics/spam-and-phishing.shtml