CTS sent a campus-wide announcement on Tuesday, September 8, regarding suspicious emails that were sent from and to campus email addresses. The emails started over Labor Day weekend and continued into Tuesday. To resolve the issue, CTS has taken multiple steps.
- Google monitors suspicious activity for our domain and communicates with CTS as they identify compromised accounts. CTS actively monitors that information and suspends compromised accounts. On Tuesday, we suspended approximately 1,150 SUNY Oswego accounts that were compromised.
- CTS is working with users to restore their service. As of this writing, we have worked with over 250 active account owners to reopen their accounts.
- We are working with the New York State Cyber Security Operations Center (CSOC) to investigate the incident. The CSOC is researching the contents of the email and the website that the link took people to. If you happened to click the link in the email, you should change your email password immediately, and the password to any other accounts that use the same password.
- We have been in contact with other colleges and universities that have been affected by the same phishing incident. This particular phishing incident has been reported at some other campuses, including some in the state of New York.
- You may have noticed that some of the phishing emails were sent to your spam folder while others made it through to your inbox. CTS has hardened the spam filtering so more messages in the future will automatically be filtered. However, we urge you to monitor your spam folder in case some legitimate messages are filtered.
If you would like to check your own account activity, the CTS webpage has three steps that walk you through how to do it. If you see login attempts from states or countries you have not visited, your account is likely compromised. Notify the CTS Help Desk immediately and follow the instructions in the article for resetting your password and signing out of all sessions.
As we learn more, we will keep you posted. In the meantime, please let us know if you have any questions by contacting the Help Desk at email@example.com or 315.312.3456.
Below are instructions on how you can check your LakerApps account activity. This is important to make sure your account is not being used by others to send spam or phishing emails.
- Log in to LakerApps at www.oswego.edu/mail
- Click the “Details” link in the “Last account activity” area at the bottom of the page in the right corner. You may need to scroll down in order to see the link.
- Check the details of your account activity. If you see anything suspicious, especially activity from states or countries you have not been to, change your password immediately and notify the CTS Help Desk. Also, click on the “Sign out all other web sessions” button near the top of the window.
CTS is aware of suspicious emails that are being sent from and to campus email addresses and is working to resolve the issue. We have identified Oswego accounts that the emails are originating from and have suspended them until the issue is resolved. Owners of these accounts are notified of the suspension when they attempt to log in to LakerApps email. Owners should call the Help Desk at 315.312.3456 for assistance.
With National Cyber Security Awareness Month right around the corner in October, this is a good time to remind the whole campus about selecting effective passwords and changing them frequently. We would like to encourage everyone to change their passwords on a regular basis.
Changing Your Password
To change your password, please follow these instructions:
- Log in to www.oswego.edu/admin with your current Laker NetID
- Click on the “Change your password” link
- Please ensure you DO NOT reset it to a password you have used in the past
- Log out and then log back in with your new password
- Click “Set your security question” to create a security question and answer
- Log out
Checking Your Account Activity
It is also good practice to check when and from where your LakerApps account is being used. Google makes this available with the “Last account activity” feature.
In their “Last Account Activity” support article, Google mentions the following regarding concurrent sessions.
“If your mail is currently being accessed from another location, we’ll list the other session(s) in a ‘Concurrent session information’ table. If there are other sessions displayed, this could mean that you simply have another browser window open with Gmail loaded, or that you’re signed in on another computer (for example, if your home computer is signed in to Gmail while you’re accessing your mail from work.) If you’re concerned about any concurrent access, you can sign out all sessions other than your current session by clicking Sign out all other sessions.”
If you see your account is being used from places you don’t recognize, please be sure to use the “Sign out all other sessions” link.
For any questions or concerns, please contact the Help Desk, 315.312.3456 or firstname.lastname@example.org.
The Shineman Center is open Monday through Friday from 6:15am-10:30pm. Weekend hours vary depending on weekend events. After-hours entry will now require your College ID.
Selected students are given College ID card access based on their program of study, course enrollment, and/or specifically by ID. Access is updated when course enrollment or program of study changes. Any student who does not have after-hours entry access and believes they should is encouraged to contact the department offering the course or activity.
The only door with card access is on the northwest side of the building (facing the Marano Campus Center).
Previously, Internet Explorer (IE) was the default browser in labs and classrooms. However, with the increasing security vulnerabilities in IE, especially the one affecting IE versions 6-11 late last spring, we decided it would be a good time to re-evaluate the default browser.
To help us decide, we took a look at what browsers are accessing the SUNY Oswego website. From the network traffic originating from both on and off campus, Google Chrome is number one. Looking only at the traffic originating from on campus, Chrome was also number one. Given that, coupled with the fact that SUNY Oswego is a Google Apps campus, we decided to promote Chrome.
As you can see from the image below, Chrome, IE and Firefox are still available for use from the quick launch bar on the bottom of the screen. However, if you click on an HTML link within an application such as PowerPoint or Word, the default browser will be launched.
The myOswego changes mentioned in the “Upcoming Changes to myOswego” article on September 9 were implemented today, Thursday, October 17.
As of this morning, myOswego’s login page has been changed to include two different login buttons. myOswego is the system used for class registrations, grades, advising, financial aid and more.
Current students, faculty and staff should use the “Single Sign On” login button on the right side of the page. Logins will require the use of your Laker NetID (former campus ID and PINs will no longer function).
An advantage to this change and the “Single Sign On (SSO)” technology is that once you are logged in to myOswego, you will also automatically be logged into Degree Works, the campus advisement system.
When logging out, please be aware that logging out of myOswego or Degree Works does not completely log you out.
For more information on properly logging out and a preview of the new login page, please visit our CTS Single Sign On page at http://www.oswego.edu/cts/sso.html.
If you have any questions related to this change, please contact the Help Desk at 315.312.3456 or email@example.com.
Look for some login changes coming to myOswego and its associated applications in the next few weeks.
CTS has been working on streamlining authentication into multiple systems that use the same username and password, primarily your Laker NetID. Two of those systems are myOswego and Degree Works. In the next few weeks, a new technology called Single Sign-On will be implemented to accomplish this. The myOswego webpage will be changed to something similar to the following.
Existing students, faculty and staff will use the “Single Sign On” button to log in.
What is Single Sign-On (SSO)? It is a technology that allows services to share authentication credentials without having the user log in to each service. In the context of myOswego, once you log in to myOswego, you will also be logged into Degree Works. You will not have to enter your Laker NetID again to access Degree Works. However, this also means you must be vigilant about logging out of all systems using SSO. If you forget to log out, you leave yourself signed into both systems.
CTS will be expanding single sign-on to other services in the future.
We’ve been seeing a few phishing scams that have made it past Gmail’s spam and phishing filters lately. Please do not reply to any email asking for your username, password, date of birth, social security number, credit card numbers or other sensitive data. More than likely it is an attempt to steal your identity, otherwise known as a phishing scam.
If a phishing scam makes it into your inbox, report it to Gmail. While looking at the message, click the down arrow button in the upper right of the message. That will reveal a menu of options. Click the “Report Phishing” option.
You’ll be asked if you truly want to report it. Click “Report Phishing Message.”
Google will review the message and decide whether to add it to their spam filters. If they do, you will have helped the Gmail community as the message will now go to users’ spam folders rather than their inboxes.
During October and November 2012, CTS hired GreyCastle Security to provide Cyber Security Awareness trainings to all SUNY Oswego faculty, staff and students.
Tyler Wrightson from GreyCastle Security conducted all sessions in a very knowledgeable and engaging style. He covered topics such as using strong passwords, social engineering practices used to obtain usernames and passwords, social media security (such as Facebook), mobile device security, shoulder surfing, physical security and spam and phishing scams. All principles taught could be applied to both work and home situations.
Attendees of the sessions offered the following anonymous feedback about Tyler and the training:
“It was very interesting and I learned a little more about my internet security at work as well as at home. I appreciate that I was able to ask questions related to my home use of the internet, not just my business use.”
“He was very interesting and gave excellent info without being too technical.”
“The Castle speaker was so knowledgeable so had great examples of the problems he presented.”
If you missed the training, there are still a couple of options available to you.
- Tyler will be back on campus on January 16th offering two more sessions during Winter BreakOut. They are:
  - Session 1, Cyber Security Awareness Training, Wednesday, Jan. 16, 9:15-10:15am, CC 202. Register.
  - Session 2, Cyber Security Awareness Training, Wednesday, Jan. 16, 10:30-11:30am, CC 202. Register.
- GreyCastle allowed CTS to record a session and make it available to campus members only. We have the recording available from the CTS Security page. Note, you will need to sign in with your Laker NetID to access it. You’ll be prompted to do so.
CTS will be following up the Security Awareness Training with our own session on the differences between spam and phishing emails and how to accurately report them in Gmail. This will also be offered during Winter BreakOut: