Please Note: The IT Service Center will be closed Thursday, November 27 through Saturday, November 29 and reopen from noon to 6 p.m. on Sunday, November 30.
Our campus is constantly under attack by a barrage of attempts to steal personal information, often referred to as phishing. Often these attacks come during holidays when campus IT support is unavailable. Even when you can’t contact the IT Service Center there are still clues and resources to help you figure out if an email is legitimate or a phishing attempt.
Universities are a frequent target of data thieves who are out to steal your credentials. Just recently some would-be thieves created a fake MyCUInfo login page and tried to lure people to enter their email password by telling them someone had tried to log in to their account from Japan. It was a clever ruse and just another example of why we must always be vigilant.
The campus has been recently targeted by malicious emails that appear to be an attempt to trick you into divulging your password. This phishing message claims that there was a login attempt to the recipient’s CU-Boulder account from Japan and encourages recipients to click a link to login to their account to take corrective actions. The nefarious link directs users to a fake site which mimics MyCUInfo. After users are tricked into divulging their username and password they are redirected to real MyCUInfo site.
The campus has been recently targeted by malicious emails that notify users they have exceeded their email storage limit and need to click on a link to re-validate their account.
Individuals who received this email should simply delete the message. If you or someone in your department responded to this phishing attempt and entered user information, that person should contact the IT Service Center during regular business hours at 303-735-4357 (5-HELP from a campus phone).
Please also remember the following:
Identity Finder, a tool provided at no-cost to faculty and staff, scans the content of all computer files and alerts the computer user if private information may be easily-accessible (e.g. social security numbers or credit card numbers). This alert allows the user to securely delete or protect this data to avoid others accessing it in the event of a virus or theft.
CU-Boulder employees have access to, and are responsible for protecting, a wide variety of sensitive information. Unauthorized exposure of information such as student academic records, medical information, credit card information, and social security numbers can have a harmful effect on people's lives. Therefore, OIT recommends scanning your computer for private data frequently so you can take the proper precautions.
The University of Colorado in partnership with Identity Finder is promoting the Identity Finder Student Initiative, providing Students with a copy of Identity Finder home edition at no cost. The software is designed to assist students find private data stored on their computers.
Modern malware targets locations computers store records of purchases made online, college applications, credit and banking applications and more. If the malware finds this information it communicates that information to its creator. The information is then used to steal identities or to make errant purchases without the owner's knowledge. Knowing where this information is provides the user with options. Students are advised to utilize this software to assist in protecting themselves.
Technical Staff, like our IT Partners, can find helpful information on this page along with installers to Forefront Client Security .msi installers for desktop deployment
OIT advises Linux administrators use file protection based on the functionality of the system. If you are running a file server that hosts files that can be executed on a Windows system, use antivirus protection from ClamAV. Host-based intrusion detection (HIDS) is advised for systems that run internet facing services.
OIT recommends Microsoft Security Essentials antivirus and antispyware software for pesonally owned computers running Windows OS.
OIT recommends the use of Sophos software for university-purchased Macintosh computers.
|Sophos Endpoint Protection|
|Available For:||Faculty, Staff, and student staff conducting official university business.|
OIT recommends System Center 2012 Endpoint Protection for Windows antivirus and antispyware software for university owned computers running Windows OS. System Center 2012 Endpoint Protection for Windows is provided as a common good service through the Microsoft software campus EES agreement. System Center 2012 Endpoint Protection for Windows is not available for personally owned computers.
CU-Boulder's Large File Transfer service is a web tool to send large files securely to any email address, on- or off- campus. This is a great solution for anyone sending large files, but particularly for researchers who share large datasets.