Category Archives: Security

Microsoft to Issue Patch Today (4/11) for Banking Malware

A new twist on an old threat tactic could allow hackers to compromise your computer and steal your information. As with similar campaigns, infected Microsoft Office documents are sent as attachments in spam emails. However, no interaction is required on the part of the victim this time around. When the document is opened, the vulnerability spreads, making it a nastier technique. The latest versions of the malicious documents have been installing the Dridex banking Trojan, which can steal your banking credentials and other sensitive data.

Today is Patch Tuesday (https://en.wikipedia.org/wiki/Patch_Tuesday), and an update is expected from Microsoft to fix this vulnerability in Office, but until then, and AS ALWAYS:

  • Do NOT open any attachments that you are not expecting, EVER!
  • Do NOT “Enable macros” or “Enable content” in any documents, unless you have verified that the email/attachment is legitimate by contacting the email sender directly via phone. (Do not reply to the email to verify.)
  • Enable “Protected View” in Microsoft Office: https://support.office.com/en-us/article/What-is-Protected-View-d6f09ac7-e6b9-4495-8e43-2bbcdbcb6653
  • Make sure your antivirus program is updating daily, and scan any attachments you intend to open.
  • Enable automatic updates for your operating system and applications whenever possible.

In most cases, emails with suspicious attachments can be safely ignored and deleted. If you are uncertain about the legitimacy of an email, you can forward it to the Help Desk (help@oswego.edu) for additional guidance.

1st Annual CTS Phishing Tournament

logoSince October is Cybersecurity Awareness Month, Campus Technology Services will be holding our first ever Phishing Tournament.

The rules are simple – whenever your SUNY Oswego email account receives a phishing email, forward it to phishing@oswego.edu with the subject “Contest Entry”. For every unique phishing email you send to us, you will be entered into a drawing for an Amazon gift card.

The tournament will run from October 1st through the 30th. The drawings will take place on Halloween.

For more information, check out https://www.oswego.edu/cts/phishing.

Contact the CTS Help Desk if you have any questions at 315.312.3456 or email help@oswego.edu. Good luck!

Registration Open for CTS Fall Workshops

Be sure to check out all the workshops CTS will be giving in the fall. Classes include:

  • LakerApps
  • Google Forms
  • Detecting and Reporting Phishing Scams
  • MIcrosoft Office 2016
  • Blackboard Collaborate
  • Mail Merge
  • … and many more!

To see the full lineup, go to our CTS Workshop Registration page.

New Sign-ON Page for SUNY Services

Effective August 10, the login page used to login to SUNY services such as time and attendance and finance and budgeting will receive a new look.  Previously the page looked like the following:

pasted image 0 (1)

 

The new look shown below includes features for remembering your campus selection for future login sessions.  In addition, it is mobile friendly.

pasted image 0

If you have any questions using the new login page, please contact the Help Desk at 315.312.3456 or help@oswego.edu.

 

Recent Phishing Attempt

A phishing email is a scam by which a person is tricked into giving their confidential information to a third party so they can use it for illicit purposes.

Inline image 2

The above image is an example of the most recent phishing email to surface. Even though Campus Technology Services would never ask for any personal information over an email, there are a couple of things to keep in mind when faced with emails like this. First, always check the address from the sender, not just the name, and, secondly, always hover over links included in the emails to see where they will take you.

If you have responded to one of these phishing emails, or you feel like your email account has been tampered with, please reset your password immediately at www.oswego.edu/reset.

Most importantly, if you see something suspicious, please say something! Marking emails as spam or phishing will help Google better detect illicit messages in the future.

For more information, you can visit this Google Support Article about phishing, or reach out to the CTS Help Desk. The Help Desk can be reached at help@oswego.edu or 315-312-3456.

Variation of Labor Day Weekend Phishing Email Circulating

As of early Sunday morning, 9/13 a variation of the Labor Day weekend phishing email has been received by some of the campus population.  The number of campus accounts sending the message is a small percentage of last week’s count and have been suspended. Suspended accounts will be notified upon login to LakerApps at www.oswego.edu/mail.

An example image of the content of the variation is included below.  Please note that the clickable web address may vary from email to email.

If you receive a message like this, please do not click on the link.  If you already have, please change your password immediately at www.oswego.edu/admin.

CTS has taken steps to block future messages from being sent out.  We continue to work with Google on identifying accounts with suspicious activity.

Even though there are no classes tomorrow and Tuesday, 9/14-15, the Help Desk will be open all week during normal business hours.  Hours are Monday-Thursday, 8am-7pm and Friday, 8am-4:30pm.

https://www.flickr.com/photos/eworm/

After Hours Shineman Entry Requires ID

The Shineman Center is open Monday through Friday from 6:15am-10:30pm.  Weekends are variable dependent upon weekend events.  After hours entry will now require your College ID.

Selected students are given College ID card access based on their program of study, course enrollment, and/or specifically by ID.  Access is updated when course enrollment or program of study changes.  Any student who does not have after hours entry access and believes they should are encouraged to contact the department offering the course or activity.

The only door with card access is on the northwest side of the building (facing the Marano Campus Center).