IT Advisory: Telephone Scam Reported
Sent: Wednesday 3/1/2017 4:00 pm CST
This IT Advisory is important for everyone.
We have been alerted to the fact that USI employees have received inbound calls from a telephone number that is known to be used in scams.
Cybercriminals will use public phone directories. They may already know your name, title, and employer. They may attempt to reference standard technology that USI uses. They are attempting to gain your trust and once they do, they typically ask for you to provide your username and passwords or may request to access your machine remotely. Or they may ask that you visit a website to download or install software to fix a problem with your computer.
Do not trust unsolicited calls, never provide sensitive information, and never allow someone you don't know access to your computer.
Report any telephone scams to the IT help desk.
Assistant Director IT Security
IT Advisory: PHISHING messages at an all time high - be on alert
Sent: Wednesday 2/8/2017 9:30 am CST
Multiple USI employees have reported that they have received a PHISHING email like the one below. IF you received this message and followed the link – Change your password immediately. Also, go to the following site for more information: http://www.usi.edu/it/safe-computing/securing-your-account/
The cyber-criminals are getting SO much smarter. They are taking the time to cruise the USI web site – looking for names/addresses of employees in particular departments.
I have seen email Phishing messages sent to our employees (calling them by name) that ‘appear’ to be from their supervisor – and even from President Bennett.
The Phishing messages today were from a USI account where the password was most likely gleaned from a previous (over 1 month ago) phishing attempt. We had multiple people who were tricked into giving out their credentials on that attack. I will send a follow-up email to all of the people who received the Dropbox phishing message – I am asking that all of these people change their password.
EVERYONE must be on HIGH alert. What to look for to determine a Phishing email:
-Be aware of the FROM ADDRESS – not just the From Name.
-Is your name/email in the TO field – or was the message sent to MANY recipients and they are all Blind Carbon Copied?
-HOVER over hyperlinks before clicking on them. Make sure the link actually goes to the web site that the email alludes to.
-Be suspicious of Hyperlinks and of attachments.
-Be suspicious of email messages from your bank, Amazon, Paypal… these can all be faked. Don’t follow email links – go to your browser and straight to Amazon/Paypal/Bank.
Departments on campus that deal with money or secure data need to be extra aware that they are a target.
As an added note – we do NOT EVER send the following items in an email (even in an email to another USI employee )
**** Example of the Phishing Message Below ****
From: <name removed>
Sent: Wednesday, February 08, 2017 7:20 AM
Subject: Please View
See below the 2017 University of Southern Indiana Proposal,Please click the link below and log in to view
University of Southern Indiana Proposal <hyperlink removed – to protect everyone>
IT Advisory: email hacking attempts increasing
Sent: Friday 2/3/2017 5:20 pm CST
This IT Advisory is important for everyone.
We are seeing an increase in the volume of phishing e-mails offering users attachments, links or false instructions, designed to steal your identity, password, or Social Security number. This morning a member of the campus community received an email purporting to be related to their W2 forms. The e-mail, which appeared to be from the University, was well crafted but fake.
As a reminder, do not click on links within e-mails unless you are certain the sender and link are valid
- Inspect the sender's address. If it doesn't look right, do not reply.
- Inspect the link by hovering your mouse over it. If it doesn't look correct, do not click it.
- Look at the way the message was written. Spam and phishing emails often (but not always) include misspelled words, poor grammar, and CAPITAL LETTERS or excessive punctuation!!!
If you receive a suspicious email, please report it by forwarding it to email@example.com. If you have questions about your W-2 form, please follow up with the Payroll at 812.464.1815 Monday through Friday 8 a.m. – 4:30 p.m.
IT Advisory: Alert regarding Facebook advertisement
Sent: Wednesday 10/26/2016 2:20 pm CST
The USI Information Technology Department would like to alert our students, alumni, and the University community about an advertisement and solicitation that has appeared on Facebook, which may give the impression that USI is affiliated with “Smart Debt Advisor.” Before responding to any online or direct advertisement from this company, please be advised USI is in no way affiliated with or recommending the services of Smart Debt Advisor. USI has not authorized this company’s use of any photograph or logo of USI in any message or advertisement. As always, you should exercise appropriate caution and investigate any company advertising loan forgiveness services, or any other product or service, before engaging or paying for such products or service.
IT Advisory: Blackboard DOWN Friday 8/26!
Sent: Tuesday 8/23/2016 4:58 pm CST
This IT Advisory is for all Blackboard users:
On Friday, August 26, the Blackboard system will be TAKEN DOWN at 9:00pm for further maintenance and system upgrades. The system should be available after 10:00am on Saturday, August 27. Please keep in mind that you may be able to access the system intermittently during this time, however, this does not mean maintenance is complete. We will send an email when maintenance is complete and you can begin using the system again. Note: Instructors, please DO NOT schedule any tests or assignments at this time – students should not be able to access the system and information submitted during this time will be lost.
We are sorry for any inconvenience the Blackboard downtime may cause and apologize in advance.
USI IT Advisory: Employee Emails (@usi.edu) are being moved to the Cloud
Sent: Wednesday, June 08, 2016 11:05 AM CST
This summer the Information Technology department will migrate all employee (@usi.edu) email accounts to Microsoft’s cloud based suite called Office 365. Our student and alumni mailboxes are already in Office 365.
IMPORTANT – all email communication about this migration will come from the IT Advisory email account. All messages from the IT Advisory account will have an employee’s name in the signature – and either their direct telephone number or the phone number of our helpdesk. Do not fall for a phishing attack about a mail migration.
Mailboxes will be scheduled and moved in batches. See the web site mentioned above for the schedule of moves.
Outlook will work the same after your mailbox is moved although the web-based mail may look different. You should be running a current (2013 or 2016) version of Outlook (at Work and at Home). If you are running Outlook 2007 or 2010, you should plan on updating to the newest version. Outlook 2010 should work OK, but should have all patches applied. As a USI employee, you can download a current version of Microsoft Office on your Personal equipment (www.usi.edu/it/software ). Please let our IT technical staff update your work equipment. Mobile devices may need to be reconfigured. More information on that will be available as we get closer to the migration.
What can YOU do to prepare for this mail migration? Clean up your mailbox. Delete any messages that can be deleted. You should also save any attachments in email messages that are large (greater than 20 MB). See the pre-migration steps on the web site.
IF you wish to be part of the test group - please contact me.
If you are going to be traveling this summer - check the migration schedule. If you need to have your mailbox moved sooner or later then, let me know.
New benefits you'll have with Office 365:
1) Your mailbox will have 50 GB of storage!
2) You can use the Outlook App on your devices.
More questions? See our Office 365 FAQ. Need help? Contact the IT Helpdesk x1080.
University of Southern Indiana
USI IT Advisory: Increased Ransomware Activity
Sent 3/16/2016 (1:57 PM CST)
This email is important for everyone.
Ransomware is a type of hacking where your data files are encrypted and you need to pay to gain access to them. There is big money in this, and recently the Internet has seen a huge increase in attacks on both Windows PCs and Macs. If you are ever caught by a ransomware virus, the most important thing is to have your data backed up. We automatically backup everything on your H drive, but we know not everyone uses this, or you may not know if you are using this. The data below specifies how many files you have on H, and how recently your files were updated. This should help us both understand if your data is safe or needs additional safeguarding.
Number of files of H: 2335
Space used on H: 11,976.0 MB
Date of last change: 3/15/2016
Based on the date of last change, it appears you are actively using H and your files will be on our backup. If the number of files looks very small and you think should be more, please submit a request with the help desk (IT@usi.edu) for someone to review your situation.
Besides having your data backed up, it is important to understand how to avoid the attack. It is being delivered by email as an attachment (and may look like a legitimate word document or zip file), and is being delivered on popular web pages such as yahoo.com, nytimes.com, etc. (it will likely show up as a message that your Adobe Flash or Reader is out of date and needs updated, or saying your system
appears to be infected and needs to be cleaned). Be very cautious
with anything arriving at your computer, and if you are unsure call the help desk for assistance.
If you work remotely, you probably won't be backing your files up on H. And your personal files on your home computer are also probably not backed up anywhere. Our remote users can store copies of their work files in OneDrive for Business cloud storage (contact the help desk for assistance). And for your personal documents, probably the best solution is to use a cloud backup service such as idrive.com for a small fee, or get a personal account on OneDrive or Google Drive which provides a reasonable amount of space for free.
USI IT Advisory: Increased Hacking Activity
Sent 3/3/2016 (11:21 AM CST)
This advisory is important for everyone.
The internet community is seeing a sizeable increase in ransomware hacking attempts. With this kind of attack, your data is encrypted and you can no longer access it until you pay a ransom fee to the hacker. Whenever a new version of this attack appears, the hackers attempt to distribute it every way they can. There is a new version called “Locky”, and it is being seeded into web pages that have been compromised by the hackers, and it is also showing up as attachment to email. The email attachment can take many forms, one of the more common ones being a zip file, and we are also seeing this embedded into a Word document.
Here are several recent examples of what this may look like:
It is extremely difficult to completely block this from our network. This kind of virus is known as a “polymorphic” virus, meaning it can continue to change itself over time so that anti-virus tools have difficulty detecting it. Please be extremely cautious when opening any attachments arriving in email or popping up on a web page. If you are unsure about any attachment, forward it us and we will investigate it for you.
Exchange email upgrade FRIDAY evening
Sent 3/2/16 (1:22 pm CST)
This advisory is informational for everyone.
We will be applying patches on the Exchange email system on Friday night 3/4/2016 from 5:00 – 9:00 pm.
This will cause an outage of mail. Any mail SENT TO you during the down-time should be delivered when the system is back in operation.
If you experience any mail problems after 9:00 pm on Friday, please don’t call my direct line or send an email directly to me. Instead, call the help desk 812-465-1080. Or email IT@usi.edu. By accessing the helpdesk, your issue will create a work ticket which can be seen by our entire department. If one of us is busy or out of the office, your ticket can be seen by others.
We apologize for any inconvenience this might cause.
Update: USI IT Advisory: Internet Outage
Sent 2/17/2016 (3:57 pm CST)
This advisory is informational for everyone.
At approximately 3PM our Internet service was restored. You most likely immediately noticing queued external emails beginning to deliver to your mailbox. Emails sent to or arriving from off campus will now complete delivery, and no email has been lost. The failure was in our Cisco firewall, and Cisco worked with us to bring it back online.
Because this outage had a more significant impact on our students (who were unable to use Blackboard or email from noon till 3PM), we request that faculty take this into consideration for students who may have been attempting to complete homework or tests during this time.
USI IT Advisory: Internet Outage
Sent 2/17/2016 (1:34 pm CST)
This advisory is important for everyone.
Shortly before noon we lost connectivity from the campus to the Internet. We have traced the failure to a specific piece of equipment and are troubleshooting, but have no ETA for restoring service.
This outage affects all traffic coming to or leaving the campus, on both wired and wireless networks. While this is happening, students will be unable to use Blackboard or access their Eagles email.
We will update when we have it fixed or have more specifics regarding the timing of the fix.
USI IT Advisory: myUSI unavailable
Sent 2/11/2016 (7:49am CST)
This advisory is relevant to anyone needing to use myUSI.
Sent 2/11/2016 (8:31am CST)
myUSI is back online. Our provider in Cleveland had a network outage that took myUSI offline from roughly 7:15AM to 8:15AM. During this time students would not have had access to Blackboard or other tools on myUSI.
USI email from off campus to Exchange is impaired
Last night we replaced an expiring Security certificate on the mail servers. For the most part this process went really well.
However, this morning we are finding that some mail from off campus (EAGLES-MAIL is included in this category) is generating a Non-Delivery to the sender.
We are working on finding the solution to this issue, but we felt it necessary to tell faculty and staff that they might not be getting all the mail directed at them.
Again, the sender IS getting a Non-Delivery message/Failure. They should be aware that their message was NOT delivered.
This IT Advisory is relevant for all Blackboard users...
There was an issue with enrollment this morning (2/3) and students have been disabled. We are running the files currently and expect all students to be repopulated no later than 10:30 am this morning. Please keep in mind that if a student was in the middle of an exam, the exam will likely not be submitted correctly. Anything entered PRIOR to the student becoming disabled will be restored and all grades, assignments, etc. should be there without any issues. If you continue to experience issues after 10:30 am this morning, please contact the Blackboard Team at 812-465-1080 so that we can help resolve your issues.
PLEASE MAKE NOTE:
On Saturday (2/6), Blackboard may be unavailable from 4:00-7:00 am CST for routine maintenance. Please do not schedule any exams, quizzes, or assignments to be submitted during this time frame.
Walter Fisher and Shannon Hoehn
USI Blackboard Team
Banner Downtime Tomorrow Night (1/15/16)
This advisory is relevant to Banner users:
The Banner PROD system will be unavailable after 5:00pm tomorrow (Friday, 1/15/2016) while we freeze census data for the spring term.
We expect Banner to be available after 8:00pm.
USI IT Advisory: Some Help Desk ticket information lost
This IT advisory is relevant to everyone on campus.
Over the holiday break, the Kace server which houses all of our trouble ticket data severely overheated and multiple discs failed. It has taken quite a bit of time to recover this system and we should be fully running once again. However - we lost all tickets entered after November 2nd up to Jan 6th.
If you entered a service request during this time frame and are waiting for someone to work with you, please contact the IT Help Desk. They can check to see if you have any active tickets in the system, or recreate one if needed.
USI IT Advisory: Blackboard Course Information
This IT Advisory affects all Blackboard Instructors:
The default availability for courses is set to "NO", which means all instructors must go into the system and make their course available for students to view when the course is ready.
To make a course available:
1) Go into your course in Blackboard and go to "Control Panel"
2) Choose the "Customization" tab
3) Then click on "Properties"
4) The 3rd point under Properties is "Set Availability"
5) Choose "YES"
6) Click "Submit"
Also, in order to avoid students becoming disabled in the system, the features that allow you to merge course sections and enroll users have been temporarily disabled until roughly February 1. If you need to have your course sections merged or you need to enroll a user, please make a ticket by sending an email to IT@usi.edu and we will complete the work for you.
Thank you - and welcome to a new semester!
Shannon Hoehn & Walter Fisher
Your Friendly USI Blackboard Team
Anthem Email Hoax
You may receive an email similar to that below purporting to be from Anthem and offering credit monitoring. Any email like this should be viewed with suspicion.
Do NOT respond to any email offers of this kind.
Please visit the special Anthem website, www.anthemfacts.com or call the special Anthem hotline, 1-877-263-7995 for the most up-to-date information.
IT Advisory – Moving & Purging O: Common Drive Contents
First a reminder/refresher/revelation:
"O: is called "Common" because it is just that, common access for all USI employees. Anything saved/copied there, with a few notable exceptions that prove the rule true, can be read, changed, deleted, by any USI employee. If you have been using O: for other purposes, please contact us for suggestions on how we can help you get a more private network shared space.
Second, the real reason why I asked you here:
O: Common data is being evicted from its current SAN. You will not see any difference in where O: is, but you will see some change in contents. I do not want to have to move everything. Some of it is dated. Some of it should probably be shared or stored elsewhere.
If you have data on O: that you want to have there after the move, please identify it before Friday afternoon, 1/30/2015. Sometime late afternoon, I plan to remove the share and recreate it on the new location. You will probably see the red X on your drive that will go away when you click on it. What will also go away is files that no one asks to have moved.
Please DO NOT respond to this email with information. Email the IT Help Desk, and have a ticket created, if you want to make certain you have tracking of the request to move.
Anyone who knows me knows I do not want to lose data. But I do want to clean up the O: drive and ultimately make it a more useful resource.
And thank you.