Uncategorized

LastPass Maintenance

LastPass will be conducting maintenance on Friday, November 18th, 9:00 PM – 11:00 PM. During this time LastPass users will unable to log in to LastPass using federated login, passwordless login, or standard login with an account enabled to use the LastPass Authenticator for multifactor authentication. More information is available at status.lastpass.com.

Uncategorized

Student Employment Scam

Beware of this student employment scam currently targeting Chico State students. Scammers are contacting students via email and text promising employment in an attempt at bank fraud. Be cautious of any job offer that requests a purchase, your bank information, or other personal information.

scam email example
scam email follow up example
Uncategorized

Phishing Attempt

Watch out for this phishing scam that was just sent to employees. Don’t click on the link. If you clicked on the link and entered your credentials please use Account Center to reset your password immediately.

phishing screen caputre
Uncategorized

Work From Home Resources

The ITSS website has our contact information and links to the IT Service Catalog, Knowlege Base, Account Center, Live Chat, and ITSS Twitter.

Campus is maintaining a COVID-19 News & Information page with resources for Students, Faculty, & Staff.

Here are some additional resources:

Uncategorized

Employee Phishing Awareness Campaign

As part of an ongoing phishing awareness campaign a simulated phishing email was sent to campus employees earlier this month using the Cofense PhishMe service.

This campaign was a “benchmark” scenario allowing us to compare how susceptible campus is compared to other organizations. 2% of campus employees were found susceptible compared to a 1% average for other organizations.

phishme results - spring 2020 employees

This scenario looked like a voice mail notification:

phishme email

The PLAY button linked to a generic sign in page:

phishme sign in page

Almost 1,000 employees opened the email and almost half of those clicked on the link. About one fourth of employees who clicked on the link submitted data in the fake sign in page.

Neither the email nor the sign in page look like those used by campus systems. If you are unsure of the source or validity of an email you should not click on links, open attachments, or supply credentials or other data. Contact ITSS if you need assistance determining the validity of an email or web page.