Category Archives: News

PHISHING WALL OF SHAME – “Library Account”

October 21, 2015 John Mazzarella 1 Comment

A well-crafted phishing attack!

Large communities like UMass Boston are juicy targets for cyber scammers, because time can be spent crafting a convincing con, then used on a large number of potential victims.Today’s Phishing Wall of Shame entry comes from Patty C., who trusted her gut, and protected herself.

This scammer did a pretty good job! They picked a realistic looking (though not technically real) email address and “spoofed” the From address. They also included a URL that looks legit, because it ends in “umb.edu/”, however this URL is also “spoofed”. Learn more about Email and URL Spoofing in a previous Wall of Shame entry.

IT Staff were able to investigate the spoofed URL in a secure way, and saw it directed to a form requesting the user enter their name and Library barcode. Trained IT Staff opened the file to take a picture, however you should avoid clicking a link in a suspicious email, because they could contain phishing attempts, malicious code, or illegal content and could cause harm to your computer. Here is peak what this link contained:

The page that loads looks exactly like the off-campus login page for EZ-Proxy! The scammer was able to match it very closely. If you had filled in this form with your email and password, your account would be in the hands of this scammer!

If you are suspicious of a link, website, or email, you can contact the IT department to ask if it may be a scam. Forward a copy of a suspicious email to abuse@umb.edu.

Always remember…

Don’t take the bait! IT will NEVER ask you for your password. Phishing emails attempt to deceive you into giving up your private information by leading you to fraudulent websites. Learn more at:
http://www.umb.edu/it/getting_services/security/phishing/

News

Phishing scams

September 1, 2015 IT Blog Admin

Phishing scams that try to steal your username and password aren’t limited to email and bank accounts. Many UMass Boston users have been getting messages targeting their library accounts. (See example below.) The message pretends that the user’s library account is being deactivated and asks the user to click a link and enter their username and password to prevent deactivation. Needless to say, the link takes you to a hacker’s web site rather than UMB’s. Don’t do it!

Do not click on any link requesting your library account information and password. If in doubt, please call the Library Circulation Desk at (617) 287-5900 or email library.circulation@umb.edu.

Fort more information about phishing and security, please see the IT Department’s phishing awareness page:

https://www.umb.edu/it/getting_services/security/phishing

Or contact the IT Service Desk at (617) 287-5220 or email ITServiceDesk@umb.edu.

EXAMPLE PHISHING MESSAGE

From: Library <library@umb.edu>

Date: August 22, 2015 at 12:05:52 PM EDT

To: <john.doe@umb.edu>

Subject: Library Account

Dear User,

Your library account has expired, therefore you must reactivate it immediately or it will be closed automatically. If you intend to use this service in the future, you must take action at once!

To reactivate your account, simply visit the following page and login with your library account.

Login Page: https://login.ezproxy.lib.umb.edu/reactivation

(in the actual email, the link pointed to a hacker’s database rather than to a UMass Boston web page.)

Sincerely,

Healey Library – University of Massachusetts Boston

News, Phishing, Security

PHISHING WALL OF SHAME – “Help Desk”

August 11, 2015 John Mazzarella

A trusted name doesn’t always mean trusted content!

If you ever fall victim to a phishing attack, your email account could be compromised by scammers. If this happens, your account can be used to send attacks to your contacts. Even if you see a familiar name in the “From:” field, it’s not a sure fire way to trust the message. Today’s Phishing Wall of Shame entry comes from Rose C. and Hannah L., who both were emailed by a faculty member they knew, but saw a message they didn’t trust:

Our two Security Stars knew the sender, but they knew him as a faculty member without any relation to the IT department. There was no reason to think that he should be informing them about an issue with their email.

The email has a link in it. IT Staff were able to investigate this link in a secure way, and saw it directed to a form requesting the user enter their email username and password. Trained IT Staff opened the file to take a picture, however you should avoid clicking a link in a suspicious email, because they could contain phishing attempts, malicious code, or illegal content and could cause harm to your computer. Here is what this link contained:

The page that loaded is an amature looking form that is clearly not an official UMass Boston communication, however remember that in our last posting we learned to never rely on the incompetence of scammers to keep yourself safe! If you had filled in this form with your email and password, you can bet that your account would soon be sending out attack messages too, or worse!

If you are suspicious of a link, website, or email, you can contact the IT department to ask if it may be a scam. Forward a copy of a suspicious email to abuse@umb.edu.

Always remember…

News, Phishing, Security

Phishing Wall of Shame – “Office/365 Changes to Sign in”

July 27, 2015 John Mazzarella

A scam with flashy graphics!

Sometimes phishing attacks are obvious because the contents of the email are clearly not professional. However this is not a reliable way to catch scammers! Today’s Phishing Wall of Shame entry comes from Robyn A., who was savvy enough to sniff out this sophisticated scam. Here’s what it looked like:

This is the most sophisticated email layout we’ve seen so far on the Phishing Wall of Shame series. It’s not perfect, but you can see that it wouldn’t have taken too much more work to make it look perfect.

Never rely on the incompetence of scammers to keep yourself safe!

So how did Robyn know this was a scam? The links that the email encourages users to click don’t lead to a URL that she recognized. When you hover your mouse cursor over a link, your browser shows the URL it leads to. If you expect to see “umb.edu” and don’t, this is a warning sign!

If you are suspicious of a link, website, or email, you can contact the IT department to ask if it may be a scam. Forward a copy of a suspicious email to abuse@umb.edu.

Always remember…

News, Update Notifications

Xythos update, and downtime notification: 7/22 – 7/23

July 20, 2015 John Mazzarella

The UMass Boston Document Management System, Xythos, will be down for a scheduled upgrade from July 22nd at 9:00AM until July 23rd at 5:00PM

IT Staff will be performing an upgrade to the Xythos document management, sharing, and collaboration system, to the latest version – 7.2.145. Xythos will be down from Wednesday July 22nd at 9:00AM until Thursday July 23rd at 5:00PM.
We apologize for the inconvenience.

If you have concerns accessing your files during that period,
please contact ITServicedesk@umb.edu or call 617-287-5220.

To learn more about Xythos file sharing, click here.

Visit the IT Status page for the latest updates: umb.edu/it/status

News, Security, Update Notifications

Are you on the new McAfee Antivirus Server? How to check on a Mac

June 12, 2015 itnews

To check your current ePO server for accuracy, click on the red McAfee shield in the upper right corner and click McAfee Endpoint Protection for Mac Preferences:

In this window, click the update tab and verify the Repository URL of our new ePO Server is:

vm-epoapp.umassb.net. If the displayed name on your screen is epo-umassb.net, or anything else, click here to jump to the Get Help section.

NOTE: Your McAfee Suite should be called McAfee Endpoint Protection. If it is displayed as anything else, click here to jump to the Get Help section.

If you do not see a red shield with a white M (McAfee) and only see a blue and white shield with a V (VirusScan Enterprise), you are almost there but will need to take action (See Assistance below).

If you do not see either one of these shields and you are using a University-owned machine, click here to jump to the Get Help section.

To check your windows system please see McAfee-Windows-Check

Get Help

If you have a machine that needs action taken, please contact the IT Service Desk and open a service request. Be sure to mention McAfee ePO and a member of the Desktop team and/or IT-EPO Admin team will be able to assist you.

Email: ITservicedesk@umb.edu

Phone: 617.287.5220 (on campus: 7-5220)

Online HEAT ticket, click self-service.

News, Security, Update Notifications

Are you on the new McAfee Antivirus Server? How to check on Windows

June 12, 2015 itnews

To check your current ePO server for accuracy, click on the red McAfee shield in the lower right corner and click About (see image below). In this window you can find all of the installed software and versions. The DNS Name of our new ePO server is vm-epoapp.umassb.net. If the displayed name on your screen is epo-umassb.net, or anything else, click here to jump to the Get Help section.

If you do not see a red shield with a white M (McAfee) and only see a blue and white shield with a V (VirusScan Enterprise), click here to jump to the Get Help section.

If you do not see either one of these shields and you are using a University-owned machine, click here to jump to the Get Help section.

If you have a Macintosh please click on Mac-McAfee-Check-Instructions

Get Help

Email: ITservicedesk@umb.edu

Phone: 617.287.5220 (on campus: 7-5220)

Online HEAT ticket, click self-service.

News

Tech Summer Camps – Tech workshops all summer long!

June 4, 2015 John Mazzarella

The IT Department is offering a series of tech workshops on the tools and services we support all summer long! Classes are just an hour or two per day, but grouped to give you a solid overview of the topic.

Click Here to Sign Up!

Come to a single session or a full week! Full attendance is NOT required.

News

Website upgrade complete, umb.edu back online!

June 4, 2015 John Mazzarella

On Wednesday evening from 6PM to midnight, the umb.edu website went offline to preform an upgrade. The upgrade went well, the process is complete and umb.edu is back online.

The team is in the process of reactivating access for all web editors.

News

Notification of website downtime

June 1, 2015 John Mazzarella

On Wednesday evening from 6PM – midnight, the umb.edu website will be offline to preform an upgrade to ExpressionEngine, our website Content Management System (CMS).

Web editors will also be unable to access the ExpressionEngine CMS messaging system, and the site will be unavailable during this time. Web editors will be further updated via the CMS Messaging System.