Here are some of our recent news items. Please look these over for important information.
Latest Phishing email circulating, October 30, 2020
A new phishing email started arriving in campus emails this morning. This one looks like an employment opportunity paying hundreds of dollars a week for little time spent. IT Services is working to stop its circulation. Please follow our guidelines for malicious emails:
– Delete the email from your Inbox and then your Deleted Items folder
– Do not click on the link in the email
– If you did click the link and provide any information, contact the IT Service Desk by emailing email@example.com. Include the details of what you provided and your contact information so we may assist you.
Phishing email, October 28, 2020
A phishing attack email started circulating this morning. It contains a link in the body to a web site. The web site asks for your username and password in order to gain access to your account.
– If you did not open the email or enter your credentials, delete the email from your Inbox and then the Deleted Items Folder.
– If you did enter your account username and password on the web site, send an email to firstname.lastname@example.org with the details and your contact information. The IT Service Desk will work with you to make sure your accounts are protected.
General information and cautions about phishing attacks
Periodically emails circulate in the email systems which are either trying to phish your information or contain viruses. Do not be duped by these emails. They look official but do not come from Shepherd’s I. T. Services department.
Always use caution when viewing and processing email. Take extra care whenever asked to access another ‘link’ or open any ‘attachments’.
If you think your computer is infected, you can submit all the details in an email to email@example.com. This will create a work order in our system. We will contact you about scheduling an on-site appointment or to have you bring the system to us.
Here is an educational resource pertaining to Social Engineering attacks and how to recognize them Social Engineering Red Flags
Here are some rules of thumb to identify red flags in determining a valid email:
- FROM: You don’t recognize the sender or sender’s address. This is an unexpected or unusual email with an embedded hyperlink or an attachment from someone that I have not communicated with recently.
- SUBJECT: Subject line is irrelevant and/or does not match the email content.
- TO: You were sent an email with others, but you do not recognize any of the other recipients.
- DATE/TIME: Was this email sent at an unusual time, like 3 am?
- CONTENT: Am I being asked to do ‘something’ to avoid a negative consequence or to gain something of value? Does the content have bad grammar or poor spelling?
- HYPERLINKS: When you hover your mouse over the hyperlink, does the site that it is directing you to match what is on the hyperlink or to another place?
- ATTACHMENTS: Also be suspicious. You don’t recognize the file type.
If you are unsure if you have a malicious or legitimate email and would like assistance, please contact the IT Services Desk for assistance at 304.876.5457. You can also elect to email us your issue to firstname.lastname@example.org; or you may visit us in person in the lower floor of the Library (ASC area).
Updated January 16, 2020