Welcome to Information Technology
Tech Tips: Phishing Attacks 11/27/2017
Defend Against Phishing Attacks
- Check for HTTPS – When submitting a username, password(s), and/or personally identifiable information (PII), always check the website domain name (URL). If it has https:// and “Secure” somewhere close by, then you are good to go! Here is an example for ps-portal.paulsmiths.edu:
If it doesn’t have https:// and “Secure” somewhere close by, then you are at risk of having this information stolen. Here is an example of the fake site for ps-portal.paulsmiths.edu:
- Check a Link – If you see a link in an email asking you to click it, investigate where it will send you first. You can do this simply by hovering over it and seeing where the link will take you. Here is an example using the fake Help Desk email:
As you can see, the link does not appear to use https:// and points to an obscure address. Although there is some grey area in what is a safe web link to click, at least be suspicious when seeing a site not using https://.
- Analyze the Message – One of the easiest ways to trick users is exploiting the user directly. For example, some phishing attacks will send you a fake email notifying you of a problem with a recent “Amazon order”. Although you may not be expecting anything from Amazon, you may have a curious thought as to what the item may be. Some of us can quickly discredit that theory but others may not be able to. As a result, the user may fall victim to this attack.
Conclusion: Phishing attacks are not new, and will never go away. Although asking the IT Department about the legitimacy of an email may work, it is impossible for us to verify the legitimacy of every questionable email. It is up to you, the user, to know what to look for when you receive an email asking you to perform certain actions. If you perform the steps to defend against phishing, you will have the tools you need to drastically reduce your odds of becoming a victim of a phishing attack.
Tech Tips: Identity Theft 09/21/2017
Here at Paul Smith’s College, the IT Department is determined to keep our community well informed about current trends and best practices in technology. This report highlights a recent identity theft attack involving Equifax, a global consumer credit reporting agency. About a week ago, the company released a statement saying that millions of users had their personal information stolen. If you think you have been affected by this incident, please click this link for more information.
NOTE: We advise you not to do a free credit check through Equifax since they were responsible for the data breach in the first place.
Outside of this incident, please note that identity theft is a very common yet successful attack that compromises your personal information. Here are a few tips on how to detect and better prevent identity theft:
- Always be suspicious of anyone reaching out to you asking for personal information. Legitimate companies, including the Paul Smith’s College IT Department, will not initiate a line of communication with you asking for personal information.
- If available, enable two-factor authentication on services you may use. For example, if two-factor authentication is enabled on your Amazon account, a PIN will be sent to a phone number you authorize (Figure 1). From here, you will need to enter your PIN into your Amazon login to continue. If an attacker had your e-mail and password, they would not be able to log in without the PIN. With this attempt, you would receive a PIN sent to your phone, but if you are not making a purchase, you will realize (hopefully) that someone is trying to log in to Amazon with your e-mail and password.
- Use different and complex passwords for high-value services. For example, if you use the same password for your bank login and Facebook and your Facebook login information is stolen, then your bank account could also be compromised.
- Don’t use answers to security questions that can be discovered through social media. For example, if you have a security question of, “What high school did you go to?” and you share on Facebook that you’re about to go to your high school’s 10-year reunion, then an attacker can put two and two together, and answer your security question.
More information can be found here.
Figure 1: Two-Step Authorization page (Amazon
Tech Tips: Locking Your Computer Screen 08/07/2017
If you are ever signed into your Windows PC and you are stepping away from your PC, we strongly encourage you to press Windows Key (between your Ctrl and Alt keys) + L.
If you are ever signed into your Mac device and you are stepping away from your device, we strongly encourage you to press Control+Shift+Eject (or Power if you do not have an Eject button).
This prevents anyone from using your device without your permission. It also hides any personal or sensitive work you may be doing at the time. Here are some examples of what could happen if your device is left unattended and unlocked:
- A user posting something crazy on your Facebook timeline, and liking a “Nickelback Official Fanpage” (if you have Facebook open).
- A student changing his or her grades on Moodle.
- A user sending an email as you.
Tech Tips: Identifying Phishing Attacks 7/25/2017
To educate our users about information technology use, we want to share some information pertaining to a recent phishing attack. A phishing attack is when a malicious user emails or messages you online while trying to disguise themselves as a legitimate source, or someone else you may trust. Here are some scenarios:
An email could be sent to you by what appears to be FedEx asking you to click a link for a status update. Even if you are not expecting any packages, or the link is not the already verified tracking number given to you for a legitimate package, you may be tempted to click the link.
An urgent email coming from what appears to be Helpdesk asking you to email back with your username and password stating that your account needs immediate attention.
Whenever you’re about to continue with an email, ALWAYS check where it is coming from, not by the title name, but by the full email address. Here is an example we were notified about this morning:
NOTE: We are hiding the identity of the person who was being spoofed.
As you can see, the “From” field coming from someone from PSC doesn’t have the @paulsmiths.edu ending. Therefore, this message is almost certainly a phishing attempt.
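The checks described in these tips (read the full "From" address rather than the display name, and look at where a link really goes before clicking) can also be run over a saved message. The following Python sketch is an added example, not a tool from the IT Department; the sample message, its sender address and its link are constructed, and treating paulsmiths.edu as the only trusted domain is an assumption made for the illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "paulsmiths.edu"  # assumption: the only domain treated as trusted
# Constructed sample message (not a real email); sender and link are made up.
SAMPLE = """\
From: "PSC Help Desk" <helpdesk@mail-support.example>
Subject: Your account needs immediate attention
Content-Type: text/html; charset="utf-8"

<p>Please verify your account:
<a href="http://portal-login.example/verify">https://ps-portal.paulsmiths.edu</a></p>
"""

def in_domain(host, domain=TRUSTED_DOMAIN):
    """True only for the domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

class LinkCollector(HTMLParser):
    """Collect the href of every <a> tag, i.e. what hovering would reveal."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def check_message(raw):
    msg = message_from_string(raw)
    findings = []
    # The display name is free text; only the address part identifies the sender.
    display, addr = parseaddr(msg.get("From", ""))
    if not in_domain(addr.rpartition("@")[2]):
        findings.append(f"From address {addr!r} (shown as {display!r}) is not @{TRUSTED_DOMAIN}")
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    for href in collector.hrefs:
        url = urlsplit(href)
        if url.scheme != "https":
            findings.append(f"link {href!r} does not use https://")
        if not in_domain(url.hostname):
            findings.append(f"link {href!r} leaves {TRUSTED_DOMAIN}")
    return findings

if __name__ == "__main__":
    print("\n".join(check_message(SAMPLE)))
```

The link text in the sample shows a college address while the underlying href points elsewhere, which is exactly the difference that hovering over the link exposes.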
If you have any further questions, please let us know. We are here to help the community be safer and more productive while using information technology.