Showing posts with label phishing attack. Show all posts

Wednesday, December 16, 2020

Holiday Break Phishing Scam Protection

Phishing attacks are on the rise and we are taking steps to prevent these attacks from affecting Manhattan College. ITS asks for your help: please stay especially vigilant for potential phishing scams and do the following:

1. Never respond to any suspicious or unfamiliar emails. 

2. Report any of these suspicious emails to ITS by forwarding the message to its@manhattan.edu for validation.

3. If you think your account has been compromised, contact ITS immediately at 718-862-7973 or by emailing its@manhattan.edu.

For more information about Phishing scams and how to protect yourself this holiday season please check out the links below:

Holiday Scams and Malware Campaigns
Phishing Infographics
Half of all Phishing Sites Now Have the Padlock






As we approach the Christmas Holiday break, ITS would like to remind campus users that we will NOT be performing updates and will NOT ASK for information from you.   

  • ITS will NOT ASK for you to update your password or other personal information.

  • ITS will NOT DISABLE your account over the break if you do not respond to an email.


Sunday, October 6, 2019

Stop That Phish

Overview





Email and messaging services (such as Skype, Twitter, or Snapchat) are one of the primary ways we communicate. We not only use these technologies every day for work, but also to stay in touch with friends and family. Since so many people around the world depend on these technologies, they have become one of the primary attack methods used by cyber attackers. This attack method is called phishing. Learn what phishing is and how you can spot and stop these attacks, whether you are at work or at home.

What Is Phishing

Phishing is a type of attack that uses email or a messaging service to fool you into taking an action you should not take, such as clicking on a malicious link, sharing your password, or opening an infected email attachment. Attackers work hard to make these messages convincing and tap your emotional triggers, such as urgency or curiosity. They can make them look like they came from someone or something you know, such as a friend or a trusted company you frequently use. They could even add logos of your bank or forge the email address so the message appears more legitimate. Attackers then send these messages to millions of people. They do not know who will take the bait; all they know is that the more they send, the more people will fall victim.

Protecting Yourself

In almost all cases, opening and reading an email or message is fine. For a phishing attack to work, the bad guys need to trick you into doing something. Fortunately, there are clues that a message is an attack. Here are the most common ones:
  • A tremendous sense of urgency that demands “immediate action” before something bad happens, like threatening to close an account or send you to jail. The attacker wants to rush you into making a mistake.
     
  • Pressuring you to bypass or ignore your policies or procedures at work.
     
  • A strong sense of curiosity or something that is too good to be true. (No, you did not win the lottery.)
     
  • A generic salutation like “Dear Customer.” Most companies or friends contacting you know your name.
     
  • Requesting highly sensitive information, such as your credit card number, password, or any other information that a legitimate sender should already know.
     
  • The message says it comes from an official organization, but has poor grammar or spelling or uses a personal email address like @gmail.com.
     
  • The message comes from an official email (such as your boss) but has a Reply-To address going to someone’s personal email account.
     
  • You receive a message from someone you know, but the tone or wording just does not sound like him or her. If you are suspicious, call the sender to verify they sent it. It is easy for a cyber attacker to create a message that appears to be from a friend or coworker.

Ultimately, common sense is your best defense. If an email or message seems odd, suspicious, or too good to be true, it may be a phishing attack.

Be Secure Online! Refer to Manhattan College's Cyber Safety site for additional resources.

Refer to Manhattan College's Email Signature Knowledge Base Article for instructions on how to create your own email signature.

Using a Manhattan College email signature is important because it is the perfect opportunity to brand every message you send. By creating a cohesive email signature for each employee on your team, you create brand recognition in every person to whom your employees send emails.

Reach out to IT Services with any questions:


Monday, April 1, 2019

Another day, another phishing email.

This morning ITS detected a phishing email and quarantined the email. A redacted version of the email is shown below.

1 Apr 2019 05:56:19 -0700
From: "manhattan.edu" <admin@support.com>
To: ██████.██████@manhattan.edu
Message-ID: <20190401055619.AF1B5635B08A35FE@support.com>
Matched rules


Dear ██████.██████,    
Your Email Account (██████.██████@manhattan.edu) password is set to expire 
in 3 days, it will expire on. 
*4 Apr 2019*.
We recommend you to click the Email Settings below to confirm your email 
password to avoid login interruptions.
Email Setings
Best Regards,
*Note:**Please do not ignore this message.*
2019 ⓒ manhattan.edu account team.


The link, which has been removed from the message above, appears to go to google.com but actually redirects to a malicious site.

https://www.google.com/url?hl=3Den&amp;q=3Dhttps://yahoo.com

The above link is similar to the malicious URL, and uses yahoo.com instead of the malicious site. Google is currently blocking this redirection, which is for the best.

Screenshot showing Google blocking this redirection phishing exploit.

ITS reported the email with full headers using the Google reporting form. Also ITS blocked access to the malicious website from our campus. Any off-campus user can still accidentally visit the website though. Thankfully this email was not delivered to a single inbox within our organization.
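
The masking described in this post can be checked offline, without visiting anything. The following is an added example, not code from ITS: it takes the link in the raw form shown above (quoted-printable `=3D` and HTML `&amp;` still present), decodes it, and compares the host the reader sees with the host the redirect parameter points to. The list of redirect parameter names is an assumption for illustration.

```python
import html
import quopri
from urllib.parse import urlsplit, parse_qs

# Link exactly as quoted in the post (yahoo.com stands in for the malicious site).
RAW_LINK = "https://www.google.com/url?hl=3Den&amp;q=3Dhttps://yahoo.com"

# Query parameters that often carry the onward destination (assumed list).
REDIRECT_PARAMS = ("q", "url", "u", "target", "dest")

def normalize_raw_link(raw):
    """Undo quoted-printable and HTML-entity encoding from a raw MIME body.

    Apply only to links copied from the raw message source; running the
    quoted-printable step on an already decoded URL can corrupt it.
    """
    decoded = quopri.decodestring(raw.encode("ascii")).decode("utf-8", "replace")
    return html.unescape(decoded)

def unwrap_redirect(raw, max_hops=5):
    """Return (visible_host, final_url, final_host) by reading nested
    redirect parameters; no network request is made."""
    url = normalize_raw_link(raw)
    visible_host = urlsplit(url).hostname
    for _ in range(max_hops):
        query = parse_qs(urlsplit(url).query)
        onward = next(
            (query[p][0] for p in REDIRECT_PARAMS
             if p in query
             and query[p][0].lower().startswith(("http://", "https://"))),
            None,
        )
        if onward is None:
            break
        url = onward
    return visible_host, url, urlsplit(url).hostname

def is_masked_link(raw):
    """True when the host shown in the link differs from where it leads."""
    visible, _, final = unwrap_redirect(raw)
    return visible != final

if __name__ == "__main__":
    print(unwrap_redirect(RAW_LINK), is_masked_link(RAW_LINK))
```
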

Tuesday, July 11, 2017

There is another Phishing Scam circulating with the title "Are you a Photographer?"

Please delete this email.  If you did click into it, please follow these instructions to clean your account.

Tuesday, June 20, 2017

Phishing Attack "Ushering Job This Weekend"

There is another phishing scam circulating with the title "Ushering Job This Weekend".
Please delete this email.  If you did click into it, please follow these instructions to clean your account.

Phishing Attempt - Don’t be Fooled….

Another round of “phishing” attacks has been detected and reported to ITS.  Some users on campus have reported receiving an email message crafted to look like it came from the Provost.  The suspect message includes a PDF attachment that forwards the user to a fake login page to provide their Username and Password to open the file.  While the attacker took the time to identify the Provost as a trusted sender and craft the message to appear to come from the Provost’s account, it is clear from the message “from” address that it did not originate from the Provost, but rather from an off-campus email address with the name changed to match.


If you happened to click the message, a “locked” PDF file would appear and forward you to a fake login site to “unlock” the message.  There are several indicators on the fake login site that confirm that the site is not legitimate.  

First, all JasperNet users should only provide their password at the “green” login page of secure.manhattan.edu that indicates a secure connection to Manhattan College.

Second, the fake login page indicates that the connection is “Not Secure” and uses a non-Google URL (biosyncpharma-dot-com).


If you encounter this or similar messages, please forward them to ITS@manhattan.edu to be validated.

NEVER click on a suspicious attachment and NEVER provide your username or password at a suspicious login page. Beware of unsolicited messages.
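
The sender clues described on this page (a display name that claims the college or an official while the address is off-campus, and a Reply-To that goes somewhere other than the sender's domain) can be checked mechanically from message headers. The following is an added example, not ITS's filtering rules: the From line of the first sample is the one shown in the April 2019 post, while the other samples, the name "Pat Example" and the finding labels are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

ORG_DOMAIN = "manhattan.edu"        # campus mail domain, as used on this page
PROTECTED_NAMES = {"pat example"}   # constructed stand-in for an official's name

# From line as shown in the 2019 post; the recipient is a constructed placeholder.
QUARANTINED = ('From: "manhattan.edu" <admin@support.com>\n'
               'To: redacted@manhattan.edu\n'
               'Message-ID: <20190401055619.AF1B5635B08A35FE@support.com>\n\n')
# Constructed samples for the other two cases.
IMPERSONATION = 'From: "Pat Example" <pat.example@offcampus.example>\n\n'
REPLY_TO_TRAP = ('From: "Pat Example" <pat.example@manhattan.edu>\n'
                 'Reply-To: pat.example@gmail.com\n\n')

def domain_of(addr):
    """Lower-cased domain part of an address, or '' if there is none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def header_findings(raw, org=ORG_DOMAIN, protected=PROTECTED_NAMES):
    """Return a list of sender-spoofing indicators found in raw headers."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    from_dom = domain_of(addr)
    internal = from_dom == org or from_dom.endswith("." + org)
    findings = []
    # Display name invokes the organisation, but the address is external.
    if not internal and org in name.lower():
        findings.append("display-name-claims-org")
    # Display name matches a protected official, but the address is external.
    if not internal and name.strip().lower() in protected:
        findings.append("protected-name-external-sender")
    # Replies would go to a different domain than the apparent sender's.
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if reply and domain_of(reply) != from_dom:
        findings.append("reply-to-domain-mismatch")
    return findings

if __name__ == "__main__":
    for sample in (QUARANTINED, IMPERSONATION, REPLY_TO_TRAP):
        print(header_findings(sample))
```
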

Phishing Scam Circulating Indicates from Provost

There is a phishing scam circulating indicating that it is coming from the Provost.  The email address from which this is originating is not the Provost's email.  Please do not click on the PDF attachment.

Wednesday, May 17, 2017

Solution for latest RansomWare Attack (WannaCry)

The latest ransomware attack, known as WannaCry, impacts Windows machines that are not up to date.
To prevent your personal Windows machine from being affected, please turn off the Windows feature named:
SMB 1.0/CIFS FILE SHARING SUPPORT

1. Click on the Search option and search for "Windows Features"; the result will appear as "Turn Windows features on or off".
2. After you click that option, the following screen will appear:




3. Untick the box and click "OK"

Please Note:  TURNING THIS FEATURE OFF WILL MAKE YOUR COMPUTER RESTART.

To avoid this virus, the best practice is to follow these instructions for Manhattan College Windows PCs and personal Windows PCs.