Beware “HEALTH SECURITY ALERT” phishing email!

ITS staff have received numerous reports of a recent email that is attempting to steal your username and password! If you receive an email with the subject line “HEALTH SECURITY ALERT” or “HEALTH ISSUE ANNOUNCEMENT ON CAMPUS”, which looks like the screenshot below, please delete it and do not click any links within.

Screenshot of phishing email with subject "health security alert", and a link to view and download.

See more Phishing Wall of Shame examples at blogs.umb.edu/phishing


If you have given your personal information to a phishing attack like this, please act quickly. Change your password at mypassword.umb.edu, and notify IT Staff by emailing abuse@umb.edu for more help.

STUDENT PHOTOGRAPHY PROJECT 2017

Technology is a primary form of communication for students around the world. Not only does it have academic significance, it acts as a personal companion in our day-to-day lives.  Five students at UMass Boston engaged in an extensive photography workshop lead by Lisa Link. Students worked on a total of two semesters on these photo projects and met every Wednesday for their critique and reviews.

“It is so important to have critiques because they help you in giving another perspective on your images- highlighting the good and the areas that need more work,” said Sashi Poudel, one of the student photographers.

The 2017 student photography project event was held on the 17th of May in the Upper Level of Healey Library.  Lynn Nguyen, Cynthia Rubio, Aisha Yousuf, Sashi Poudel and David Liu presented their works and celebrated a project well done with light refreshments and conversation. Students, faculty, and bystanders observed the photographs with great admiration.

David Liu, a sophomore studying Information Technology, shot all his photographs with his iphone 7 and in portrait mode. He further explained how he used an editing application on his phone which helped him to add effects to his images. Although Liu has some experience with photo and videography in the past, he felt that the weekly meetings, critiques, and topics helped him build on that skill further.

There were also students who did not have that much of prior experience- and that’s okay! The best part about the workshop is that Lisa works with students to not only teach them the basics and a step higher than that but she also assists in teaching them how to use photoshop. Lynn Nguyen, a freshman, was one that did not have any experience. She found her interest in reflection imagery and mainly worked with those images. She captured the everyday use of phones, explaining that there is something new in technology every year and the industry is growing at such a fast pace- it is impossible to capture it all in one image but she tried to show how significant phones are in a student’s life.

Sashi Poudel, a senior and a computer science major, also claimed to have learned many new tricks and techniques to photography. Just like any ordinary young male, Sashi did not have prior experience either. He described their workshop as “amazing and fun.” When asked about what role technology plays in his life, he said, “we are too much into technology, accessing information has become easier than ever and I think that now virtual has become a reality.” Sashi also experimented with a very distinct style in his image, called the “long exposure photo” where he and David along with a friend from the IT department turned on their phone torchlights and ran across an open space in the library. The result? a beautiful pattern captured by the camera lens in the long exposure mode.

The event also was highly significant in keeping up with UMass’s reputation of student diversity by exhibiting an image related to people with disabilities and how they use technology. The image was taken by Aisha Yusuf, a senior studying psychology. She explained how there is a disabilities lab called “AC Lab” and how it is equipped with devices that allow those who are physically impaired in any way to access information just like any other student on campus does. The example she used was that of a desktop-like device that magnifies the text for the viewer. Aisha also explained that she had a pleasant time working with Lisa link who taught her how to take a reflective shot and use photoshop and cameras in general.

Overall, just like last years photo workshop, the students had a wonderful experience that was a mix of teammate bonding and learning. Lisa emphasised on the fact that this group, in particular, was very engaging and collaborated constantly with one another on projects and critiques.

“I believe that the students must express their views about the university. It benefits IT into understanding what they want and think and how IT can help them gain that access or experience. They must feel comfortable to utilise the IT space” she said.

This event was only the beginning of another exciting project. The images have been placed on the left wall of the lab hall in UL, and every year, the IT photo projects will progress up the hall, and soon students will be walking around works of art. This not only beautifies the hall further, but it creates a sense of community and belonging.

The student IT event was once again a great success, if any students wish to participate in this exciting opportunity, they must email Lisa Link at: Lisa.link@umb.edu

 

WannaCry Ransomware Windows Vulnerability

As widely reported in the press over the weekend, a new ransomware threat named “WannaCry” has impacted Windows machines (workstations and servers) around the globe. Due to better Windows update compliance, systems in the US have been less impacted than international systems. This threat only impacts select Windows systems and does not impact Apple iOS systems.

“WannaCry” is initiated when a user responds to a phishing query by opening and executing an attachment to that email. Once it executes, it encrypts files on the affected local computer and shared drives. The user is then asked to pay a ransom to recover the files. To add salt to injury, “WannaCry” malware spreads aggressively by behaving like a worm and attempts to infect other vulnerable unpatched machines on the network. As far as we know, the format of the phishing email is not consistent but the underlying Windows vulnerability only impacts unpatched Windows XP, 7, and 8 systems, as well as Windows Server 2003 and 2008 Editions. Windows 10 PCs patched in March of this year are not affected by this attack.

UMass Boston Windows XP systems are rare and are believed to be offline as they do not show up on ITS Qualys scans. If you have an XP system and would like us to help you upgrade please send an email to ITSecurity@umb.edu and the ITS Security team will respond asap.

Windows 7 & 8 systems which are current in terms of patching updates are not vulnerable. This includes all workstations supported by the ITS KACE workstation management service and some departments which have similar services.

For those systems which are not current in terms of updates and where the user has fallen for the phishing attempt, several actions may occur.

  • The system’s hard drive and associated network shared drives may be encrypted by running the attachment. In this case, the user is presented with a message that, until a ‘ransom’ is paid, the user will not be able to access the data on the encrypted drive(s).

NOTE: UMass-wide IT Security Policies prohibit the payment of ransom. Should a user experience a ransom query, he or she should not respond to the query and should immediately contact IT Security by emailing ITSecurity@umb.edu or by calling Wil Khouri, UMass Boston Information Security Officer, at 617-287-6232.

  • Additional systems on the UMass Boston network may be scanned from the infected system for the underlying vulnerability and those vulnerable systems may be encrypted and the ransom notification presented to the user(s) of that vulnerable system.

UMass Boston’s best defense to this, and all malware, is an educated and vigilant user community recognizing these threats, reporting them to ITSecurity@umb.edu, and deleting the offending email.

Beware of Ransomware, a virus that locks your files until you pay a ransom. Run antivirus, backup your files, keep your computer updated, and be careful what you download.

Beware of the “Verify your email address” phishing email!

ITS staff have received numerous reports of a recent email that is attempting to steal your username and password! If you receive an email with the subject line “[your name]@umb.edu Will be close”, which looks like the screenshot below, please delete it and do not click any links within.

See more Phishing Wall of Shame examples at blogs.umb.edu/phishing


If you have given your personal information to a phishing attack like this, please act quickly. Change your password at mypassword.umb.edu, and notify IT Staff by emailing abuse@umb.edu for more help.