ITS continues to tighten our technology security, including new spam firewalls, more stringent password requirements, stricter server use policies, and intrusion detection alerts. But we need your help. Understanding what you can do is part of the solution. We’ll tackle Phishing and Malware in this document.
Phishing and Malware are very common security issues in today’s technology environment. Both of these attacks use social engineering to achieve their goal of stealing your information.
ITS has been seeing more Phishing attacks targeted toward Augustana faculty and staff accounts. In Phishing attacks, the perpetrator masquerades as a trusted person in order to acquire information such as usernames, passwords, and credit card details. Often this is done via email, but can be done through social networking sites, using instant messaging, texting, and even over phone or in person.
Augustana has been the victim of a few recent phishing scams. The goal of recent scams was to steal the user password and use the email account to send spam. This causes Augustana email servers to be blacklisted. ITS must work with blacklisting agencies to clean up our reputation. A cybercriminal with a different goal could do far worse damage to you or the college. In one attack, the scammer, posing as the victim, tried to solicit funds from the victim’s friends and relatives (using the victim’s email address book).
Phishing can be a simple as someone calling you and asking for your username and password, or as complex as sending a link to a web site that looks and works just like our real sites. Phishers will send you a link that looks legitimate, it will go to what looks like a legitimate site, it will ask for your username and password, if you enter them, you may see a “failed password” screen, which may actually pass you on to our real site. In this scenario, you probably wont even know you’ve been phished.
Here is an example of a phishing email. The Manage Your Account Online link goes to a scammer address. If you hover your mouse over this link (not click it) you should see the fake link address on the bottom of your email window (depending on email client).
It is up to you to be careful and knowledgeable when using email and the Internet. ITS only sends out warnings when we learn of a particularly deceptive phishing attempt, and by then it’s probably too late. We estimate there are several phishing attempts per day, and sending alerts about all of them would simply numb you to the threat. The threat is real, you must be aware of it.
How can you avoid being phished?
For text and instant messaging, just don’t do it. ITS Helpdesk does not use text or instant messaging to direct you to sites or to change your password. You should be very skeptical of any unsolicited text or instant message asking you to go to an Internet site.
For phone calls or in person attempts, always verify the caller is who he/she says they are.
For Email, the best practice is to NEVER click on a link in email unless you KNOW it’s legitimate. Instead, type it into your browser and navigate to the login or page (for example, type my.augie.edu rather than click the link).
Not clicking the link may not always be possible. If you do get a complex link and can’t easily type it in, look for the following:
- Real login sites should ALWAYS use https:, not http: The extra s stands for secure.
- URLs will ALWAYS begin with the real domain. Usually host.augie.edu for augie.edu sites.
Faked URLs will begin with something else and play ticks to make you to believe you are on an Augie site.
- This one is FAKE, no https: and it doesn’t begin with host.augie.edu (but fakes it in the middle)
- The link in the email can hide what is really being linked to, for example click here, where here is the link, or even www.augie.edu where the underlying link is really different. In GroupWise, you can hover over the link and see the REAL URL on the bottom of the GroupWise window.
- Here is an example showing a fake web site URL - note scamsite.com is the starting domain, the my.augie.edu is NOT legitimate since it's not at the beginning of the URL:
- This next one is our legimate site with the real URL, note the https:// and the starting domain is my.augie.edu
Malware is a term used to describe a broad category of damaging software that includes viruses, worms, trojan horses, rootkits, spyware, and adware. The effects of malware range from brief annoyance to computer crashes and identity theft. Malware is easier to avoid than it is to remove.
The Internet is full of Malware. Malware is planted on web sites, in Peer to Peer file sharing services, and sent via email. Malware writers change their malware often to avoid detection. To avoid accidently installing malware on your system, follow these strategies.
- Do not trust anything associated with a spam e-mail. Approach e-mail from people you know with caution when the message contains links or attachments. If you are suspicious of what you are being asked to view or install, don't do it. ITS has seen malware in emails from family and friends, often their own systems are infected, sometimes they don’t even realize they are forwarding on links to malware.
- If you’re on a website or get a popup for software, do NOT install it. Research the software first, you can always go back and install it later. Especially nasty are the popups and sites that claim you’re system is infected. Do NOT act, avoid these, and never install them. Call the helpdesk first. We can direct you to good reputable solutions for whatever problem you are trying to solve.
- Some pop-up windows or boxes will attempt to corner you into downloading software or accepting a free "system scan" of some type. Often these pop-ups will employ scare tactics to make you believe you need what they are offering in order to be safe. Close the pop-up without clicking anything inside it. Windows: Close the window via Alt+F4 or Windows Task Manager (press Ctrl-Alt-Delete). Mac: Command W or command Q.
- Some programs attempt to install malware as a part of their own installation process. When installing software, pay close attention to the message boxes before clicking Next, OK, or I Agree. Scan the user agreement for anything that suggests malware may be a part of the installation. If you are unsure, cancel the installation, check up on the program (call the helpdesk). Run the installation again ONLY if you determine it is safe.
- Illegal file-sharing services: You're on your own if you enter this realm. There is little quality control in the world of illegal software. It is easy for an attacker to name a piece of malware after a popular movie, album, or program to tempt you into downloading it.
- Be careful when searching the Internet. Only click through to trusted sources.
- Update your browser and plugins using each vendor’s auto update or software distribution tools to install patches as soon as they become available. Call the Helpdesk if in question, they can also do these updates for you.
- Never update "media player," “codec," or “Flash” when promoted by a site hosting videos or not affiliated with that application. Go to the software’s real site like adobe.com to do any updates.
- Be sure your AntiVirus software is up to date – if not, call the Helpdesk to have a look.
If in doubt, call the ITS Helpdesk. The scammers will always make the issue seem urgent, they don’t want you to think about it and call someone for advice – they want you to click immediately. Don't do it! If you think you’ve been phished or were the victim of a malware install, call the Helpdesk so we can help you change your password and verify your system is clean. Helpdesk line is 274-5331.