ITD Announcements » Security

Be Careful In Facebook

dbean — Wed, 11 Nov 2009 18:46:22 +0000

IT is working on A LOT of infected machines that picked up their badness from Facebook. At this point, if we see less than 3 a week, I would be shocked. Now, in addition to malware and spyware coming from the site, Facebook is gaining attention as a haven for scammers. Give the article below a read for additional information:

http://www.techcrunch.com/2009/10/31/scamville-the-social-gaming-ecosystem-of-hell/

Phishing Attempt

ctrillet — Mon, 02 Nov 2009 17:11:34 +0000

Email that is being sent with the “Subject: Dear Webmail User” is a phishing attempt to get your username and password. Do NOT respond to the email. UTC ITD never sends emails asking for your UTCID and password.

Here is an example of the email:

—–Original Message—–
From: ADMIN [mailto:security@helpdesk.org]
Sent: Saturday, October 31, 2009 7:53 PM
Subject: Dear Webmail User

Dear Webmail User,

This message was sent automatically by a program on Webmail which
periodically checks the size of inboxes, where new messages are
received.The program is run weekly to ensure no one’s inbox grows
too large. Ifyour inbox becomes too large, you will be unable to
receive new email.Just before this message was sent, you had 18
Megabytes (MB) or more of messages stored in your inbox on your
Webmail. To help us re-set your SPACE on our database prior to
maintain your INBOX, you must reply to
this e-mail and enter your

Current User name ( )

and Password ( )

You will continue to receive this warning message periodically if your
inbox size continues to be between 18 and 20 MB. If your inbox size
grows to 20 MB, then a program on Bates Webmail will move your oldest
email to afolder in your home directory to ensure that you will continue
to be able to receive incoming email. You will be notified by email that
this has taken place. If your inbox grows to 25 MB, you will be unable to
receive new email as it will be returned to the sender.
After you read a message, it is best to REPLY and SAVE it to another
folder.

Phishing Attempt

dbean — Wed, 19 Aug 2009 10:58:26 +0000

The email from the Webmaster @UTC.edu today Subject “ Re:Notificaiton “ is a Phishing attack. Do NOT respond. UTC ITD or the Webmaster never sends requests asking the campus to respond by sending UTCID, password, address, department name.

For additional details on Phishing please check the ITD Power Point presentation on Phishing http://itd.utc.edu/Training/PhishingandYou.ppt. ITD presented a training session during the summer on Phishing and will present additional training for the campus during the fall semester to answer questions on Phishing and other critical IT topics. Please take advantage of the training.

For any questions please contact the UTC HelpDesk 425-4000.

Monty

Monty Wilson
Chief Information Officer
Assistant Vice Chancellor for Information Technology
University of Tennessee at Chattanooga
423 425-4039 FAX 423 425-2200

Spoofing PowerPoint

dbean — Wed, 12 Aug 2009 18:27:08 +0000

As promised, below is the link to the phishing PowerPoint presentation from last weeks Q&A.

http://itd.utc.edu/Training/SpoofingandYou.ppt

Passwords Are Important

dbean — Mon, 10 Aug 2009 12:01:55 +0000

I’ve heard several people lately say, “I haven’t changed my password since I started working here”. That’s not a good idea.

I ran across this article at Microsoft about passwords that might be helpful.

5 Tips For Top-Notch Password Security

P.S. I just noticed the article was written by Kim Komando. She has a weekly radio show on WGOW 1150 at 10am that is certainly worth listening to. You can check her out at her website also: http://www.komando.com

Do Not Unsubscribe From Spam

dbean — Mon, 22 Jun 2009 18:06:13 +0000

If I ask for an email catalog from The Sharper Image and decide later that I don’t want to get a monthly update from them about their new products, I feel pretty confident that clicking on the “Unsubscribe” button in their emails should do just that. I should be unsubscibed from their email list.

However, if I’m getting emails for things that I don’t want (foreign drugs for example), I would be very wary about clicking on an unsubscribe button in that sort of email. If they’re unscrupulous about sending out mass emails, they’re probably not going to take you off any lists. In fact, this may just be the information they need in order to KNOW that they’ve got a functioning email account to send more unsolicited email to.

Phishing PowerPoint

dbean — Wed, 03 Jun 2009 22:27:12 +0000

As promised, below is the link to the phishing PowerPoint presentation from last weeks Q&A.

http://itd.utc.edu/Training/PhishingandYou.ppt

ITD Phishing Q & A

dbean — Wed, 27 May 2009 22:13:57 +0000

We would just like to thank everyone for coming out and participating in the ITD phishing Q&A. We had a really good turn out and we hope to draw that crowd again for our next one.

We will post the slideshow from the presentation in the next day or so.

Keep checking back here for updates and announcements on future Q&A sessions.

Locked Accounts

dbean — Fri, 22 May 2009 21:58:06 +0000

A user’s account may be locked if it has been compromised.

If you have given out your username and password to an unknown party, it can be used for email spamming. Email spamming from the university could lead to us being blacklisted on spamblock-servers. This, in turn, means that legitimate email from the university to sites that have us blacklisted won’t go through. This can be anyone from Yahoo to Comcast to other universities.

Please remember, no one should be asking for your username and password via email.

Recent Phishing Attempt

dbean — Wed, 20 May 2009 15:59:37 +0000

Below is an example of a recent phishing attempt. The email did not come from a UTC email account and the address that they are wanting you to send your username and password information to is not a UTC email account. But neither of these facts are as important as remembering that the UTC IT Helpdesk will never ask you for username and password information via email.

========================================================

From: Bill Sanders
Date: May 20, 2009 8:00:17 AM EDT
Subject: Your ailbox has been de-activated

This is to inform you that your Mailbox has been de-activated by your System Administrator due to an unusual activity detected in your mailbox. Hence, you may not be able to receive new mail until your mailbox is re-activated. You are to contact your System Administrator with your Login Details which includes your mailbox User name and Password for them to re-activate your mailbox.

System Administrator
E-mail: re-activate-account-department@administrativos.com

If your mailbox remains de-activated for an extended period of time, it may result in further limitations or eventual closure of your mailbox.

The information contained in this e-mail may be confidential and is intended solely for the use of the named addressee. Access, copying or re-use of the e-mail or any information contained herein by any other person is not authorized.