Below are five basic security tips to remember because let’s face it, how well can you trust anyone these days?

1.       If you don’t understand the warning message, say no and consult the UTC HelpDesk. It’s easier to go back and say yes if you need to, than be sorry and have to rebuild your machine.

2.      Certificates: If you don’t understand a website certificate message, say no and consult the UTC  HelpDesk. It is easier to go back and say yes if you need to, than be sorry and have to rebuild your credit.

3.      Antivirus: Running antivirus does not slow your computer down nearly as much as a virus does.

4.      Back-up: Backing up your data may seem like a waste of time —  until you spill coffee all over your laptop.

5.      Passwords: Writing down your password around your desk is about as secure as leaving a $100 bill lying on the dashboard of your car. Don’t do it!

UTC HelpDesk may be contacted by calling  4000  on campus or email helpdesk@utc.edu

The UTC Information Technology organizations across the campus would like to make you aware that this holiday season is bringing about a new wave of malicious activity from a wide variety of “evil-doers.”   Some examples:

• Over this past Thanksgiving Holiday hundreds of people in the area were hit with banking debit/credit card scams;
• UTC is constantly receiving email phishing attempting to collect username, passwords, or other personal information;
• Today the UTC network is being hit frequently with “Delivery-Tracking-Notifications” from DHL Express.  This is just one of the “Delivery-Tracking” examples and it could be from UPS, FedEx or any other.  Also today UTC received several email for an “Adobe update” email with an attached .zip file containing malicious code;
• The common theme of most phishing/malware schemes is some sort of scare tactic — your mail account is full, your bank account is overdrawn, your package delivery is delayed, your computer is infected with a virus [not coming from UTC], or other similar scenarios.  Others may use some reward tactic — someone has sent you a greeting card (just click here), you’ve just won a lottery, you’re due a refund, you have been selected to be a “bonus shopper”, etc.
•  And, at the end of this holiday season there will be a new round of Income Tax schemes trying to phish personal information;

UTC IT departments and systems administrators are monitoring and taking steps to lessen the impact of these threats, but the IT administrators can only do so much.  The most effective protective measures begin with UTC’s “human firewall.”  YOU are the most important factor in UTC’s effort to protect your personal information, your UTC credentials and the UTC network from these attacks.  You can help us help you by following some simple guidelines:

•  Always make sure your computer has the latest operating system updates and application security patches applied.  This includes Microsoft Office, and browser and application add-ons.  If you are not sure about your security patch status, contact your departmental IT Support or the IT Help Desk at 425-4000 for guidance;
• Be vigilant, and be suspicious.  – When you receive email from someone you don’t know or if you believe it is a phishing attempt the best action is to delete the email.
• Never respond to a request for user name, password, social security number, etc.  UTC will never ask you for your UTCID and password or personal information in an email.  Again, if you are unsure contact the Help Desk;
• If your email contains a web link don’t click on it unless you are absolutely sure of the destination.  Open up your browser and manually enter (type in or copy) the destination into the browser address bar.  That way you know you are visiting the correct website.
• Learn to recognize email from within UTC.
• Be wary of attachments from people you know

If you believe you have been the victim of a Phishing or malicious attack you can report it to abuse@utc.edu.

For more information visit:
·        http://security.tennessee.edu/phishing.shtml
·        http://www.hoax-slayer.com/
·        http://www.mozilla.com/plugincheck (visit here to run a plug-in checker for your browser)

Please be very mindful of any “links” you receive from “friends” on Facebook.  Otherwise you could be next in receiving a virus!

Recent report (http://threatpost.com/en_us/blogs/facebook-worm-spreading-installing-zeus-bot-112911):

A new worm has popped up on Facebook, using apparently stolen user credentials to log in to victims’ accounts and then send out malicious links to their friends. The worm also downloads and installs a variety of malware on users’ machines, including a variant of the Zeus bot.
The worm is making the rounds now, and detection of the malicious file that’s being used to drop the malware on victims’ machines is quite low. Researchers at CSIS in Denmark analyzed the worm’s behavior and found that it appears to be using stolen Facebook credentials to log in to user accounts. It then sends out messages to the victim’s Facebook friends with a link that’s supposedly to a photo file.

However, the file that’s linked to is a screensaver that has a JPG extension. If a user opens the file, it will then install a series of malicious programs. CSIS says that the worm’s code was written in Visual Basic and uses a handful of techniques to make analysis in virtual machine environments difficult. After the user executes the malicious file, the infection routine kicks off.

“The worm carries a cocktail of malware onto your machine, including a Zbot / ZeuS variant which is a serious threat and stealing sensitive information from the infected machine.”

They have issued an “out of cycle” patch for this vulnerability.

You need to have Adobe Flash Player 10.3.183.10 (Windows/Mac).  There is also a patch for Android and Linux.

http://get.adobe.com/flashplayer/

http://blogs.adobe.com/psirt/2011/09/prenotification-security-update-for-flash-player.html

Google Chrome users do not have to get the patch, it will be installed automatically.

Microsoft has released an “out of band” patch to fix the fraudulent digital certificates issued by DigiNotar.  The patch requires a restart. Please update your computers.

Microsoft Security Advisory: Fraudulent digital certificates could allow spoofing

http://support.microsoft.com/kb/2607712

http://www.microsoft.com/technet/security/advisory/2607712.mspx

If you receive this email delete it.  It is not from ITD.  If you are unsure call the help desk at 425-4000.

Note the From and To addresses. They are not UTC addresses.

From: University of Tennessee at Chattanooga [mailto:bstm386@dishmail.net]
Sent: Wednesday, August 31, 2011 10:57 AM
To: bstm386@dishmail.net
Subject: Important Notice!!!

—-University of Tennessee at Chattanooga Support Team—-

Dear UTC Exchange Webmail User,

Your UTC Exchange Webmail Account will be deactivated if you
do not verify that your UTC Exchange Webmail Account is still
in use. Due to excess abandoned UTC Exchange Webmail Account
in our database. Failure to provide your UTC Exchange Webmail
Account UTC ID and Password will render your account
De-activated from our database. – We will not deactivate your account. We do not need you to validate your email or that you are using it.

To Verify, provide your UTC Exchange Webmail Account UTC ID and Password,
UTC ID:(….@utc.edu) Password:(…..) Future Password:(…..)  - We will never ask you to send your ID or Password in an email.

You are to comply with this directive or we shall De-activate your
UTC Exchange Webmail account from our database.

Thank you for using UTC Exchange Webmail Services.

Sign.
Management. – We will never sign an email as Management

—-Copyright 2011 The University of Tennessee at Chattanooga. All rights reserved.—

There is an email being sent from Bates, Beverly with the subject Validate Your Mailbox.

Please note her email her email address “Bates, Beverly” <beverly.bates@cpsb.org> This is not a UTC email address.

Email Message:

Attention Subscriber;

Your Mailbox quota has exceeded the storage limit set by your System Administrator which is 1GB. You are currently running on 2.7GB. You may not be able to send or receive new mail until you validate your mailbox. -ITD will Never ask you to validate your mailbox.

To complete your email account upgrade, Click Here and submit the account upgrade form. Failure to comply will result in the permanent de-activation of your email account from the email database. – We do not need you to validate your email.

NOTE: You will be sent a password reset message shortly after undergoing this process for security reasons.

We do not use this signature:
Thank you,
2011 Webmaster©. All Rights Reserved.
*****************************************************************************************
The information contained in this email message and any attached files may be confidential information and may also be the subject of legal professional privilege. If you are not the intended recipient, any use, disclosure or copying of this email is unauthorized. If you have received this email in error, please notify the sender immediately by reply email and delete all copies of the transmission together with any attachments.

Microsoft has updated it’s free antivirus product. If you use MSE, you
should upgrade.  This product should only be used on personally owned
computers.

This is a recommended antivirus for students.

Download it:

http://www.microsoft.com/en-us/security_essentials/default.aspx

Apple has released OS 10.6.8 for Snow Leopard and Security Update
2011-004 for OS 10.5.  Lots of bug fixes.  You can get them using
Software Update.

Details: http://support.apple.com/kb/HT4723

There is another phishing email being sent to UTC.  Please remember ITD will never ask your username, password and birthdate in an email.  Do not Reply to this email.

Here is a copy of the email being sent:

Read the rest of this entry »