IT is working on A LOT of infected machines that picked up their badness from Facebook.  At this point, if we see less than 3 a week, I would be shocked.  Now, in addition to malware and spyware coming from the site, Facebook is gaining attention as a haven for scammers.  Give the article below a read for additional information:

http://www.techcrunch.com/2009/10/31/scamville-the-social-gaming-ecosystem-of-hell/

Email that is being sent with the “Subject: Dear  Webmail User” is a phishing attempt to get your username and password.  Do NOT respond to the email.  UTC ITD never sends emails asking for your UTCID and password.

Here is an example of the email:

—–Original Message—–
From: ADMIN [mailto:security@helpdesk.org]
Sent: Saturday, October 31, 2009 7:53 PM
Subject: Dear Webmail User

Dear Webmail User,

This message was sent automatically by a program on Webmail which
periodically checks the size of inboxes, where new messages are
received.The program is run weekly to ensure no one’s inbox grows
too large. Ifyour inbox becomes too large, you will be unable to
receive new email.Just before this message was sent, you had 18
Megabytes (MB) or more of messages stored in your inbox on your
Webmail. To help us re-set your SPACE on our database prior to
maintain your INBOX, you must reply to
this e-mail and enter your

Current User name ( )

and Password ( )

You will continue to receive this warning message periodically if your
inbox size continues to be between 18 and 20 MB. If your inbox size
grows to 20 MB, then a program on Bates Webmail will move your oldest
email to afolder in your home directory to ensure that you will continue
to be able to receive incoming email. You will be notified by email that
this has taken place. If your inbox grows to 25 MB, you will be unable to
receive new email as it will be returned to the sender.
After you read a message, it is best to REPLY and SAVE it to another
folder.

ITD had a record breaking month in August 2009.  This graph depicts the number of issues we received and the number of issues we closed.

Note:The information is from our database that we started using at the end of May 2009.

The email from the Webmaster @UTC.edu today Subject “ Re:Notificaiton “ is a  Phishing attack.  Do NOT respond.  UTC ITD or the Webmaster never sends requests asking the campus to respond by sending UTCID, password, address, department name.

For additional details on Phishing please check the ITD Power Point presentation on Phishing   http://itd.utc.edu/Training/PhishingandYou.ppt.  ITD presented a training session during the summer on Phishing and will present additional training for the campus during the fall semester to answer questions on Phishing and other critical IT topics.  Please take advantage of the training.

For any questions please contact the UTC HelpDesk 425-4000.

Monty

Monty Wilson
Chief Information Officer
Assistant Vice Chancellor for Information Technology
University of Tennessee at Chattanooga
423 425-4039 FAX 423 425-2200

Thanks to the efforts of the SGA, the cost of printing through UTC’s Mocsprint System will be reduced from $.10 per page to $.07. The price reduction will take effect at the beginning of the Fall 2009 semester. Students will continue to receive a $10 PrintPoints credit on their MOCS Card each Fall and Spring semester.

For more information, please go to http://itd.utc.edu/mocsprint/

I’ve heard several people lately say, “I haven’t changed my password since I started working here”.  That’s not a good idea.

I ran across this article at Microsoft about passwords that might be helpful.

5 Tips For Top-Notch Password Security

P.S.    I just noticed the article was written by Kim Komando.  She has a weekly radio show on WGOW 1150 at 10am that is certainly worth listening to.  You can check her out at her website also: http://www.komando.com

If I ask for an email catalog from The Sharper Image and decide later that I don’t want to get a monthly update from them about their new products, I feel pretty confident that clicking on the “Unsubscribe” button in their emails should do just that.  I should be unsubscibed from their email list.

However, if I’m getting emails for things that I don’t want (foreign drugs for example), I would be very wary about clicking on an unsubscribe button in that sort of email.  If they’re unscrupulous about sending out mass emails, they’re probably not going to take you off any lists.  In fact, this may just be the information they need in order to KNOW that they’ve got a functioning email account to send more unsolicited email to.

As promised, below is the link to the phishing PowerPoint presentation from last weeks Q&A.

http://itd.utc.edu/Training/PhishingandYou.ppt

We would just like to thank everyone for coming out and participating in the ITD phishing Q&A.  We had a really good turn out and we hope to draw that crowd again for our next one.

We will post the slideshow from the presentation in the next day or so.

Keep checking back here for updates and announcements on future Q&A sessions.