Error creating feed file, please check write permissions.
Wayne State University Wayne State University - Computing & Information Technology http://computing.wayne.edu/ Thu, 27 Jul 2017 18:48:55 EDT PHPSimpl http://wayne.edu/inc/global/wayne_state_university.gif Wayne State University Logo http://wayne.edu/ Feed provided by wayne.edu. Click to visit. Find answers to two-factor authentication FAQs http://computing.wayne.edu/news-item.php?id=21569 Wayne State University Thu, 10 Nov 2016 00:00:00 EDT http://computing.wayne.edu/news-item.php?id=21569 Two-factor authentication helps verify your identity http://computing.wayne.edu/news-item.php?id=20805 Wayne State University Mon, 03 Oct 2016 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=20805 Phishing alert: meeting notification http://computing.wayne.edu/news-item.php?id=20810 UPDATE Sept. 27: This same phishing message is still popping up in different variations. Take a closer look at this latest version: 1. From: If you get a suspicuos email, always check the sender. If you are not expecting an email from someone, ask them or search the WSU directory if you do not recognize the name. 2. URL: Again, always double check links before clicking them. When you put your cursor over a link in an email, the URL will appear in the bottom left corner of your browser. This one is not an affiliated WSU site. You will also see the grammer mistakes in this sentence: no space between here and to, and a missing period. 3. Signature: This email is signed Wayne University, not Wayne State or Wayne State University. Official University emails will have a template and a proper signature from a known department or person(s). --- Be on the lookout for the latest phishing scam. How can you recognize a phishing message? There are three red flags in this example, which has been recently seen by Wayne State University students.  1.) From: The email says it is from Wayne State University, but it does not list an admin address. If you receive an email from WSU, the name and the address will match. 2.) To: Any message you receive from WSU will not list "Undisclosed Recipients." WSU uses email lists to send mass messages. For example, students@lists.wayne.edu.  3.) URL: When you hover you cursor over the displayed link, the hyperlink address will display in the lower left corner of your web browser. In this example, the link is not a wayne.edu site.   Most importantly, remember that WSU faculty and staff will never ask for personal information via email. If you ever think you may be the victim of a phishing attack, please contact the C&IT Help Desk at 313-577-4357 or helpdesk@wayne.edu. If you are unsure about a message, delete it and do not reply. Learn how to protect yourself against phishing scams. Wayne State University Thu, 22 Sep 2016 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=20810 Phishing Alert: Important WSU Verification http://computing.wayne.edu/news-item.php?id=20672 Please be on the look out for the latest phishing attack: Looks legit, right? Look again: Verify the source: This message appears to be sent from and sent to the same person. That's red flag number one. Watch for spelling or grammar mistakes: We see two mistakes in the first line alone — "will be disable" and "12hours." Inconsistent grammar is a big give away too. If you look again, you will notice the missing punctuation on the first, second and fourth lines. Incomplete sentences or missing information: The last sentence trails off, "To learn more, please read our."  Most importantly, remember that Wayne State University faculty and staff will never ask for personal information via email. If you ever think you may be the victim of a phishing attack, please contact the C&IT Help Desk at 313-577-4357 or helpdesk@wayne.edu. If you are unsure about a message, delete it and do not reply. Learn how to protect yourself against phishing scams. Wayne State University Mon, 05 Sep 2016 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=20672 "New Information Update" Phish http://computing.wayne.edu/news-item.php?id=20507 Have you seen the latest phishing attack? This attack looked like an automated email sending you to an alternate login page: Dear All, This e-mail is to notify you that we are having a server overload therefore we will be upgrading our server. We need you to go to the following link to keep your account active after the upgrade. https://login.wayne.edu/server?overloadpg=8175 (This message was generated automatically) ----------------------------------------------------------------------------------------- IT Services, Wayne State University 42 W. Warren Ave. Detroit, MI 4820 (313) 577-2424 2016 Wayne State University Looks pretty legit? And check out the page that link takes you to - looks just like the real thing! How are you supposed to recognize this as a phishing attack? Take a closer look: That's not a real Wayne State URL. If you're logging into Blackboard, you know the URL is supposed to start with https://login.wayne.edu. The phishers are smart, but you're smarter. Don't let them get you. And if they do? Just call the C&IT Help Desk at 313-577-4357. Wayne State University Wed, 10 Aug 2016 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=20507 Security Notice: Symantec Vulnerability http://computing.wayne.edu/news-item.php?id=20244 Symantec has discovered a critical bug in prior versions of Symantec Endpoint Protection antivirus software that allows a remote attacker to take control of a system or attack other systems. If you have any Symantec or Norton product installed on your computer, please update it as soon as possible. This bug affects versions on all systems including macOS and Windows. How to update your antivirus software: If you downloaded and installed your free copy of Symantec Endpoint Protection from the C&IT Help Desk, visit https://commerce.wayne.edu/helpdesk/ and login to download the latest version. If you have a Symantec or Norton product that you obtained in any other way, visit the settings of your product and find the Update option. This vulnerability affects 24 Symantec and Norton products, so be sure to update any product you have. If you have any questions about how to update Symantec Endpoint Protection on your computer, the C&IT Help Desk is ready to assist you. Contact us at 313-577-4357 or helpdesk@wayne.edu, or visit us in person (and bring your computer) at suite 005 in the lower level of the Student Center Building. Wayne State University Wed, 06 Jul 2016 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=20244 Phishing Alert: "Important Update" Email http://computing.wayne.edu/news-item.php?id=20147 Phishers have renewed their attacks on WSU - sending malicious messages meant to steal your personal data, access your account and cause serious problems for all of us. If you entered information at the link in the message below or are concerned about the security of your account, please contact the C&IT Help Desk at 313-577-4357. Check out a copy of this latest email below and remember: Never share your password Be cautious about clicking on links - double-check the website address when you get there Keep an eye on the content of the email and the sender (typos and weird messages are a red flag) Wayne State University Mon, 20 Jun 2016 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=20147 ProfTech: More on the tax fraud epidemic http://computing.wayne.edu/news-item.php?id=19202 Wayne State University Sun, 17 Apr 2016 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=19202 Phishing Alert: W-2 Scam http://computing.wayne.edu/news-item.php?id=18702 Phishers are back at it - sending you malicious messages meant to steal your personal data, access your account, and cause serious problems for Wayne State. This time, it's a message with false information about where to get your W-2. Do not click a link in this message - just delete it. If you entered information at the link included in this message or are concerned about the security of your account, please contact the C&IT Help Desk at (313) 577-HELP. Check out a copy of this latest email below and remember: Never share your password Be cautious about clicking on links - double-check the website address when you get there Your official Wayne State documents are available through Academica - login directly at a.wayne.edu Keep an eye on the content of the email and the sender Wayne State University Tue, 16 Feb 2016 00:00:00 EDT http://computing.wayne.edu/news-item.php?id=18702 C&IT Security Officer Kevin Hayes is on cyber defense! http://computing.wayne.edu/news-item.php?id=17466 Wayne State University Mon, 17 Aug 2015 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=17466 WSU Information Security Officer on Channel 4 News http://computing.wayne.edu/news-item.php?id=17200 Wayne State's Information Security Officer Kevin Hayes was featured on a segment on WDIV Channel 4 News today. Kevin talked about the cloud. Check out the piece here and keep an eye on your Channel 4 news for more segments! Wayne State University Thu, 25 Jun 2015 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=17200 Safer and Simpler Login Experience at Wayne State http://computing.wayne.edu/news-item.php?id=17139 C&IT works hard to improve the security and simplicity of our systems for Wayne State students, staff, and faculty. To that end, we are pleased to share our brand new login page. Starting this summer, you will have the same login experience no matter what Wayne State system you are accessing - Academica, Wayne Connect, Blackboard, and more! When you access a system with the new login page, you can always check the address bar in your browser to make sure you are using an authentic Wayne State page. Every login will eventually be transitioned to https://login.wayne.edu and your browser will always show a padlock symbol next to this URL (web address) so you can be sure you are using a secure connection. Here are examples from Google Chrome and Safari: This new page allows us to improve cyber security and better protect our systems. Users can easily check for the https://login.wayne.edu URL and the padlock symbol C&IT can predict when users have forgotten passwords and assist them in a secure fashion Users can expect a consistent "look and feel" and will have a better idea if they are in the wrong place (like a page created by a scammer) C&IT can analyze login attempts and stop attempted hacks The new login page has already debuted on Academica. In the next few weeks, you'll see login.wayne.edu on Wayne Connect and Blackboard too. You don't need to do anything to access the new login page - just visit any of these systems like you did before and you will be automatically routed to the new login experience. Wayne State University Wed, 17 Jun 2015 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=17139 Keep Wayne State Safe from Cyber Attackers http://computing.wayne.edu/news-item.php?id=17073 Dear Colleagues, C&IT is working around the clock to protect the university from cyber scammers, but there is only so much they can do without your help. Wayne State is seeing the highest ever volume of emails looking to take advantage of you and steal your information. Do your part to keep us all safe. The most common attacks right now are sending weebly.com and tinyurl.com links masquerading as WSU websites.  DO NOT CLICK THESE LINKS. You can access Wayne State services by typing the address (such as academica.wayne.edu) directly into the address bar on your Web browser. See examples below of what Wayne State Web addresses should look like so that you know the clues.  Keep an eye out for https in the beginning of the address and wayne.edu as the last characters before a forward slash: Academica in Google Chrome: Wayne Connect in Safari (Safari truncates some URLs and only shows a name for secure sites, but you can click the address bar to view the full address): Blackboard in Internet Explorer: Keep in mind the following facts to protect yourself: Wayne State will never send you an email with an urgent login request.  Emails with messages like "your account will be shut down in twelve hours if you don't log in right now" are guaranteed scams. The Wayne Connect upgrade this summer will happen automatically and you do not need to do anything.  Following the transfer you will be able to access your email in the same place as before: https://connect.wayne.edu It is a serious risk to use the same password for Wayne State and any other site.  If any of them are compromised, all the others will be too. Wayne State, C&IT, and the Help Desk will never ask you to share your password. Delete phishing messages.  Do not respond to them. If you are unsure of what to do, contact the C&IT Help Desk. For more tips on how to protect yourself and stay safe online, visit security.wayne.edu. Sincerely, Margaret E. Winters Provost and Senior Vice President for Academic Affairs Wayne State University Sun, 07 Jun 2015 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=17073 ProfTech: Anatomy of a Phishing Onslaught http://computing.wayne.edu/news-item.php?id=16984 Wayne State University Tue, 26 May 2015 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=16984 Phishing scams are on the rise http://computing.wayne.edu/news-item.php?id=16737 Update 5/21: Scammers continue to send the emails discussed below and further variations on this idea. Wayne State will never send you a link to update your password. No matter how official the site looks, check your address bar before you enter your information. Any official login page for a Wayne State service will have a "lock" icon in your address bar and will include "https" in the beginning of the URL. Take a look at how Wayne Connect, Blackboard, Pipeline, and Academica URLs are displayed in Google Chrome. If you are unsure whether an email is safe or not, just contact the Help Desk. Call at (313) 577-HELP or email helpdesk@wayne.edu For more information on Security Awareness, just visit security.wayne.edu. Update 5/13: A fresh wave of phishing emails has been sent to campus. Keep an eye out for the email below and similar messages. Remember: Don't enter your AccessID and password on any page that doesn't have a wayne.edu web address. There has been a recent increase in the number of phishing email messages targeting Wayne State users. While C&IT works around the clock to keep these messages away from your inbox, it's important to stay vigilant. Scammers are always ready to take advantage of you--be cautious! Never share your password with anybody. Click with care and remember: Wayne State, C&IT, and the Help Desk will NEVER ask you to share your AccessID and password. Don't enter your AccessID and password on sites linked from emails. When you access a Wayne State service, just type the address into your address bar yourself. This way you know you are getting where you want to be. If you get an unexpected email message suggesting dire consequences unless you click on a link to login right away, it's probably a phish. Delete phishing messages - do not respond to them. If you are unsure of what to do, contact the C&IT Help Desk. For tips on how to protect yourself and stay safe online, visit security.wayne.edu. Wayne State University Thu, 21 May 2015 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=16737 Alert: "Order" virus spreading across campus http://computing.wayne.edu/news-item.php?id=16883 Update 5/12: Attackers have revised the "invoice" virus to continue finding new victims. The newest version says "Order" in the subject and the body simply says "order data" - the virus is attached in a 24 kb zip file. This is the same attack as yesterday's "invoice" virus. If you receive this message or any other suspicious message, delete it immediately! C&IT is taking all possible steps to contain this virus including blocking the attachment in Wayne Connect email and preventing it from running on DeskTech-managed computers, but your vigilance is essential to protecting our campus! Wayne State email users: An extremely malicious email is spreading rapidly around the University. If you receive an email message with a subject of "invoice" with an attachment, delete it immediately. If you inadvertently opened and ran the attachment, please perform the following steps: Disconnect your computer from the network - either unplug your Ethernet cable or turn off your Wi-Fi connection. Use a different computer to log in and change your AccessID password. Call the C&IT Help Desk at (313) 577-HELP (4357). For more information about Safe Internet Practices, visit security.wayne.edu. If you are concerned about the security of your account, contact the C&IT Help Desk at any time.  Wayne State University Mon, 11 May 2015 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=16883 EDUCAUSE: Stingray Makes Waves from C&IT Faculty Liaison Geoff Nathan http://computing.wayne.edu/news-item.php?id=16189 Wayne State University Mon, 09 Feb 2015 00:00:00 EDT http://computing.wayne.edu/news-item.php?id=16189 Tis the Season for the 12 Cyber-Scams of the Holidays http://computing.wayne.edu/news-item.php?id=15812 Consumers are not the only ones getting ready for the holiday season. Cyber criminals are excited and ready for the shopping season too.  Whether you are going to shop, book travel arrangements, or pay your bills don't let cyber criminals ruin your holiday cheer.  Be cautious and consider the actions you are taking online. Check out twelve common holiday scams from McAfee below. Always remember our most basic security tips: WSU will NEVER ask you to send your AccessID and password in an email message. NEVER share your password with anyone. If you get an unexpected email message suggesting dire consequences unless you click on a link to log in right away, it's probably a phish. For more tips on how to protect yourself and stay safe online, visit the C&IT Security page. If you have additional questions, feel free to contact the C&IT Help Desk at (313) 577-4778 or helpdesk@wayne.edu. Wayne State University Tue, 02 Dec 2014 00:00:00 EDT http://computing.wayne.edu/news-item.php?id=15812 Cyber Security is a C&IT Priority All Year Long http://computing.wayne.edu/news-item.php?id=15667 Wayne State University Mon, 10 Nov 2014 00:00:00 EDT http://computing.wayne.edu/news-item.php?id=15667 Security Tip - the WSU Phish Report http://computing.wayne.edu/news-item.php?id=14957 We're posting weekly tips on how to protect yourself from phishing attacks this October for National Cyber Security Awareness Month. Check out more information here and visit our security website anytime at security.wayne.edu. Have you received a suspicious email? If you think somebody is trying to phish your information - report it! The more we know, the better we can protect the University. It's easy to report phishing emails directly inside your Wayne Connect inbox. Just drag the suspicious email from your inbox and drop it on the WSU Phish Report Zimlet on the left-hand side (check out the picture below). Follow the instructions to send in your report. C&IT posts the most widespread and dangerous phishing emails we learn about (and some more security tips) - check out the Phish Tank at computing.wayne.edu/phishtank to see the latest warnings or just check if we've already heard about your phish. Wayne State University Sun, 26 Oct 2014 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=14957 Free Symantec Endpoint Protection 12.1.5 Now Available http://computing.wayne.edu/news-item.php?id=15248 October is National Cyber Security Month, but C&IT has an easy way to keep yourself safe all year: a free download of Symantec Endpoint Protection for all WSU students, staff, and faculty. Symantec Endpoint Protection 12.1.5 is available for Mac, Windows, and Linux and provides enterprise-level antivirus protection and a personal firewall to keep your computer safe. Find more information here. Symantec Endpoint Protection along with responsible computer use will help you not fall prey to viruses, malware, or other attacks. To download your free copy, simply visit the Software Clearinghouse, login with your AccessID and password, then click Free Software. Wayne State has licensed Symantec for use on every work computer and one personal computer for each current student, staff, or faculty member - install it at home to keep yourself safe no matter where you are. For more information on National Cyber Security Awareness month, click here. For assistance with Symantec Endpoint Protection or any other Wayne State computing services, contact the C&IT Help Desk. Wayne State University Wed, 22 Oct 2014 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=15248 Security Tip - Avoid phishing on Facebook and more http://computing.wayne.edu/news-item.php?id=14956 We're posting weekly tips on how to protect yourself from phishing attacks this October for National Cyber Security Awareness Month. Check out more information here and visit our security website anytime at security.wayne.edu. As Facebook and other social networking sites become more popular, phishers have varied their attacks to follow their victims. If you see a post on Facebook offering free gift cards, amazing prizes, or deals that are just too good to be true it's most likely a scam. Check with the company directly before clicking on the post or message the friend who posted the link to make sure they meant to post it and understand what they clicked. Scammers also like to prey on older adults and families too. The Wall Street Journal recently highlighted scams aimed at those over the age of 50. Scams dealing with Medicare, insurance, or retirement savings and scams involving approaching seniors directly via the phone or in person have become increasingly commonplace. Be aware online and offline! Remember to be careful about what you click, what you share, and where you enter your password whether you're checking your inbox, just browsing Facebook, or dealing with people on the phone or in person. Phishers are happy to steal your information any way they can! Wayne State University Sun, 19 Oct 2014 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=14956 Security Tip - Learn to Hover http://computing.wayne.edu/news-item.php?id=14955 We're posting weekly tips on how to protect yourself from phishing attacks this October for National Cyber Security Awareness Month. Check out more information here and visit our security website anytime at security.wayne.edu. One of the easiest ways to protect yourself from phishers is to hover over a link before you click. In emails and on websites, attackers can make a link say anything they want. Just because I say CLICK HERE TO VISIT WAYNE STATE'S HOMEPAGE doesn't mean the link actually goes there. That link actually takes you to the WSU Athletics page instead of the home page. Move your mouse over the link and look at the bottom of the screen to see exactly where it will take you before you click. In Wayne Connect the address even shows up in a small pop-up. Read the full website address before you click - the difference between wayne.edu and wayneedu.com seems small, but it could be the difference between a real WSU site and one designed to obtain your information and steal your data. When in doubt, just skip the link and type in the address yourself. Wayne State University Sun, 12 Oct 2014 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=14955 Security Tip - Phishing Affects Everybody http://computing.wayne.edu/news-item.php?id=14954 We're posting weekly tips on how to protect yourself from phishing attacks this October for National Cyber Security Awareness Month. Check out more information here and visit our security website anytime at security.wayne.edu. So why does Wayne State care if you get phished? And why should you care if somebody else gets phished? Well, every time somebody is phished it puts all of us at risk. Scammers can send spam from your email address which leads other email providers (like Gmail, Comcast, Hotmail, and other universities) to mark Wayne State as spam and block all of our emails When data is compromised it could include your confidential information - contact info, grades, contracts, research, assignments, bank details, and more Security breaches today are a big deal - Wayne State will make headlines for all the wrong reasons and have to spend upwards of $1 million of your tuition money or budget Phishing affects all of us, so it's everybody's responsibility! Wayne State University Sun, 05 Oct 2014 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=14954 October is National Cyber Security Awareness Month http://computing.wayne.edu/news-item.php?id=15086 Every October, the National Cyber Security Alliance hosts National Cyber Security Awareness Month to help people stay safe online. This year Wayne State C&IT is focusing on the dangers of phishing. Phishing attacks use email or malicious websites to obtain your personal and financial information to steal your money, your private data, your important information, and more.  This October, C&IT is asking you to test your cyber security knowledge by taking a quiz designed specifically for the Wayne State community. The goal of this brief quiz is to help you recognize the warning signs in a phishing message. Heightened awareness helps protect you and all members of the Wayne State community! Check your Wayne Connect inbox in early October for your personal invitation to the phishing survey! Every completed quiz will be automatically entered in a drawing to win one of two prizes. Students are eligible for a $100 gift card to Barnes & Noble. Employees are eligible for a Wayne State prize pack. Winners will be notified in early November.  We will post tips and tricks to keep yourself safe weekly on computing.wayne.edu. Visit throughout the month of October or follow us on Twitter @WayneStateCIT to keep posted! Here are a few important things to remember if you receive a suspicious email: Wayne State will never request your username, password, or other personal information (ex. social security number) via email. Check before you click! Phishing attempts might take you to a website designed to look like that of a bank or other service provider. Check to make sure the URL is correct before you enter any personal information. Report them. You can drag and drop the suspected email on to the Phish Report Zimlet in Wayne Connect. Security is a C&IT priority all year - find comprehensive security info anytime at security.wayne.edu. Wayne State University Mon, 29 Sep 2014 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=15086 WSU C&IT in Michigan's First Cyber Incident Response Exercise http://computing.wayne.edu/news-item.php?id=14541 Wayne State's Kevin Hayes met last week with the other members of the Michigan Cyber Civilian Corps (MiC3) for a first-of-its-kind cyber incident response exercise. What on Earth does that mean? C&IT's Information Security Officer (our lead man in the fight against hackers, phishers, and more) met in Grand Rapids with other members of MiC3 (imagine volunteer fire-fighters for cyber security) to practice exactly what they might be able to do in the event of a serious cyber-attack on infrastructure within Michigan. MiC3 joined forces to defend the virtual town of Alphaville against attacks from the West Michigan Cyber Security Consortium. "I am thrilled at our performance at the cyber exercise," said Wayne State's Kevin Hayes. "This was our first time working together in a simulated high-pressure environment, and everybody was able to communicate and delegate with success. Our team has skilled individuals who were able to identify the malware and attack vectors of the incoming attacks as the exercise progressed, which is even more impressive given that our scenario was combating a new and unknown environment. While this was an important exercise with regards to building our cyber team and dealing with unknown situations, it was an extremely fun one as well." Cyber security is always a priority at C&IT. Explore our security site anytime at security.wayne.edu and keep an eye out for an extra focus in National Cyber Security Awareness Month every October. For more information on last week's event, click here. Visit www.micybercorps.org to learn about MiC3 and discover upcoming events! Wayne State University Wed, 30 Jul 2014 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=14541 ProfTech: Phishing is getting better (and the pain is worse) http://computing.wayne.edu/news-item.php?id=14255 Wayne State University Mon, 02 Jun 2014 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=14255 Phishing Alert: "Congested Accounts" Scam http://computing.wayne.edu/news-item.php?id=14265 Scammers continue to target Wayne State. Check out a copy of the latest email below and remember: Never share your password Be cautious about clicking on links - double-check the website address when you get there Keep an eye on the content of the email and the sender From: "noreply@wayne.edu" Sent: Tuesday, June 3, 2014 3:12:48 PM This Is to Inform all account Users, That the Web-mail Admin is Currently Congested, So We Are Deleting Inactive Accounts. Please click on this link http://webmail-wayne.webs.com/ to Notify us That your Account Is Active to avoid deactivation. Send Feedback | Privacy & Security | Copyright © 2014 All rights reserved. Wayne State University Mon, 02 Jun 2014 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=14265 Phishing Alert: Attack Designed to Alter Your Payroll Information http://computing.wayne.edu/news-item.php?id=14228 Wayne State C&IT has seen multiple instances of new phishing attacks designed to acquire employee AccessIDs and passwords and use them to redirect paychecks to third-party accounts. Similar attacks have been used to gain credentials of dozens of users at University of Michigan, Duke, Boston University, and more. An example of the most recent phishing email sent to Wayne State users is below. To keep yourself safe from phishing attacks, always keep these tips in mind: Wayne State will never ask you for your password - do not share your password with anybody, including trusted individuals from Wayne State. If you receive an email directing you to a login page, look at the actual address of the website (the URL) once you arrive. Emails might have a link that looks legitimate, but directs you to a dangerous site. Verify that the page is what you expected. Don't be deceived just because the word "wayne" is in it - look carefully! For added safety, type in trusted URLs yourself instead of clicking on links from emails. If you have any suspicions, it's always better to contact the Help Desk before clicking or entering your password. You can check the safety of your direct deposit information at any time - simply visit your payroll information in Pipeline or Academica. You can also sign up to receive text alerts if your information as changed - visit broadcast.wayne.edu and look for Payroll. If you see any issues or have any concerns about the security of your account, contact the C&IT Help Desk as soon as possible. Wayne State University Wed, 28 May 2014 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=14228 Phishing Alert: Scammers Renew Their Attacks on WSU http://computing.wayne.edu/news-item.php?id=14197 C&IT has received multiple notices of new phishing attempts. These emails are especially dangerous as the senders have used the Wayne State name and email logos. Please be mindful of the security tips you already know - never share your password, always doublecheck the URL to make sure that "wayne.edu" is the LAST text before a slash, and it's always safer to call the Help Desk if you are suspicious of an email. If you have entered any information on any site you now suspect to be suspicious or have any other security concerns, contact the C&IT Help Desk as soon as possible. The full text of the phishing emails is below: Dear user,   Your Zimbra webmail has been blocked due to spammed mails and you can no longer send out mails,  click on Reactivate my account to restore your spam filter so you could start sending and receiving mails.     Thank you. Secured Authentication Copyright © 2014 Zimbra Webmail.   Dear Webmail User   Verify this account now!!!! For your own safety or your account will be deleted within 48hours. You will have to verify your account by clicking on (https://secure.zimbra.edu/ verifyf?intl=us&partner= cancelrequest) We apologies for any inconvenience.   NOTE: Do not share your password with anyone for security purpose.   Thanks, Webmail Admin  ----------------------------- ------------------------- Please do not reply to this message. Mail sent to this address cannot be answered. Wayne State University Mon, 19 May 2014 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=14197 Phishing Alert: "This Mail is from Administrator Help Desk" http://computing.wayne.edu/news-item.php?id=13412 UPDATE 2/13/14: C&IT security specialists have advised the Wayne State community to be especially aware of phishing emails coming from addresses ending in "@siena.edu" and websites with URLs ending in "jimdo.com". Be cautious and remember: never share your password. C&IT has received multiple notices of a new phishing attempt. This email is especially dangerous as the senders have used the Wayne State name both in the linked URL and in the email address display name. Please be mindful of the security tips you already know - never share your password, always doublecheck the URL to make sure that "wayne.edu" is the LAST text before a slash, and it's always safer to call the Help Desk if you are suspicious of an email. If you have entered any information on this site or have any other security concerns, contact the C&IT Help Desk as soon as possible. The full text of the phishing email is below: From: "WSU Help Desk" <bm21bodm@siena.edu> Sent: Thursday, February 6, 2014 3:36:57 PM Subject: This Mail is from Administrator Help Desk Your mailbox is full.   138MB    131MB      Your mailbox can no longer send messages. This is the Help desk Program that periodically checks the size of your e-mail space. The program runs to ensure your inbox does not grow too large, re-validate your email CLICK HERE for update of your Email. Failure to submit the admin required info for update it will render your e-mail in-active from our database. Help desk! Account Services Wayne State University Thu, 13 Feb 2014 00:00:00 EDT http://computing.wayne.edu/news-item.php?id=13412 Tomorrow - Data Privacy Webinar: Location, Location, Location http://computing.wayne.edu/news-item.php?id=13290 Kick off Data Privacy month by joining your colleagues for the free EDUCAUSE Live! Data Privacy Webinar: Location, Location, Location.  Speaker: Robert Ellis Smith, privacy expert and publisher of Privacy Journal Date: January 30, 2014 Time: 1-2 p.m. ET Location: TRC located in the Purdy/Kresge Library Description: Join C&IT for this free, hour-long webinar, "Location, Location, Location." Two contradictory federal court decisions in 1979 and in December 2013 focus on whether the National Security Agency’s massive data collection program is constitutional. The NSA argues that their actions are legal because they do not probe into the content of phone calls, only the digits dialed to and from a phone. A 1979 U.S. Supreme Court opinion held that collecting data on dialed phone numbers, but not acquiring the content of the calls does not require a prior court order. Today that decision is no longer fitting. The extent to which many people rely on their phones means dialing information establishes patterns of personal relationships and can reveal private interests, needs, and even our locations. This information can include employment or credit information, and can be far more sensitive than our commonly disclosed medical and financial records. It has the potential to be every bit as revealing and damaging as the content of our conversations.  Everyone who is exposed to this new technology must recognize this new reality. The principles of fair information practice do not fit this important change in sensitivity. And, of course, the new reality may change again in an instant. This is an example of how learning the historical development of privacy concerns helps us focus our efforts on what is most important today, not on concerns of the last century. Light refreshments will be provided. Wayne State University Wed, 29 Jan 2014 00:00:00 EDT http://computing.wayne.edu/news-item.php?id=13290 Phishing Alert: "Centre Wayne" http://computing.wayne.edu/news-item.php?id=13321 C&IT has received reports of a new phishing email directed at members of the Wayne State community - a copy of the message and a screenshot of the phishing site are below. Remember: never share your password with anybody, including people or entities claiming to represent Wayne State. If you are suspicious of a site, check the address bar. If the last characters before the slash are not "wayne.edu", DO NOT enter your AccessID or password. If you have any questions or you are concerned about the security of your account, call the C&IT Help Desk immediately at (313) 566-4778. Wayne State University 42 W. Warren Ave. Detroit, MI 48202 (313) 577-2424 A private message have been sent to you by the HEAD of department. Use the link below to Login and view your message. hxxp://news-upwayne-state-university.yolasite.com/ Sign. HEAD of department Info Centre Wayne 2014 Wayne State University Wayne State University Wed, 29 Jan 2014 00:00:00 EDT http://computing.wayne.edu/news-item.php?id=13321 Phishing Alert: "Validate Mailbox!" Message http://computing.wayne.edu/news-item.php?id=13303 C&IT has heard numerous reports of a new phishing attempt aimed at members of the Wayne State community. If you see the message below, DO NOT REPLY, do not click on the link, and delete it immediately. If you believe you have fallen victim to this phish or have any other concerns about the security of your account, call the C&IT Help Desk at (313) 577-4778. Full contact details can be found at the bottom of this page. From: Wayne State University Help Desk   To:  Sent: Thursday, January 23, 2014 3:15 PM  Subject: Validate Mailbox!  kindly visit our scheduled Internet Validation Form! CLICK HERE to validate your account.  For more information on phishing, visit http://www.computing.wayne.edu/security/phishing.php. Wayne State University Thu, 23 Jan 2014 00:00:00 EDT http://computing.wayne.edu/news-item.php?id=13303 "C&IT Help Desk Team" Phish Reported http://computing.wayne.edu/news-item.php?id=13157 C&IT began receiving reports of the below phishing message on December 26. If you see this message, please delete it right away and do not click on the link. If you have clicked the link or have any concerns about the security of your account, please contact the C&IT Help Desk at (313) 577-4778. Subject: C&IT Help Desk Team From: "C&IT Help Desk" <at03craw@siena.edu> To: undisclosed-recipients:; Due to the recent upgrade in our C&IT server to serve you better, Please note that all WSU users are mandated to update their login details in other to enjoy the new upgrade. You would be blocked from sending and receiving emails if not confirmed within 24hrs of receiving this automated mail.You are required to update through the link below. UPGRADE HERE <http://webmailwayneeduupdate.jimdo.com/> 2013 Wayne State University Wayne State University 42 W. Warren Ave. Detroit, MI 48202 Wayne State University Thu, 02 Jan 2014 00:00:00 EDT http://computing.wayne.edu/news-item.php?id=13157 "Update Your Account" Phish http://computing.wayne.edu/news-item.php?id=13104 C&IT has received reports of a new phishing message sent specifically to Wayne State email addresses. There is no malware or other dangerous software attached to the email, so your computer is not at risk. The linked page has also been blocked on the Wayne State networks, but you can still access it from off-campus. If you have fallen victim to this message or have concerns about the security of your account, please contact the C&IT Help Desk as soon as possible at (313) 577-4778. The message is shown below. From: WSU Help Desk <ar10icke@siena.edu> Date: December 13, 2013 3:38:16 PM GMT-05:00 To: undisclosed-recipients:; Subject: Update Your Account To avoid service interruption.   Dear: Wayne State University Webmail Email Account users.   Alert emergency system and Wayne State University Emergency Notification System, Please make sure you updated your account information per the instructions below.   Simply Click on the link to updated your account   http://updatesecure.jimdo.com/   NOTE:If unable to click the link, you are advised to copy and paste it in a new browser. Regards, Mail System Administrator Copyright 2013 E-mail Account Upgrade --------------------------------------------------------- Copyright © 2013 Corporation. All rights reserved. Webmail Maintenance Team Wayne State University Fri, 13 Dec 2013 00:00:00 EDT http://computing.wayne.edu/news-item.php?id=13104 Phishing Scams and Identity Theft common during the Holiday Season http://computing.wayne.edu/news-item.php?id=12927 Consumers are not the only ones getting ready for the holiday season. Cyber criminals are excited and prepared for the shopping season too.  Whether you are going to shop, book travel arrangements or pay your bills don't let cyber criminals ruin your holiday cheer.  Be cautious and consider the actions you are taking online. Fraudulent emails adopt many different forms and may appear legitimate by incorporating company brands, colors, or other legal disclaimers from common sites like UPS, Amazon, and Fedex. For more examples, check out the Department of Homeland Security article on seasonal scams. Before you click, remember: WSU will NEVER ask you to send your AccessID and password in an email message. NEVER share your password with anyone. If you get an unexpected email message suggesting dire consequences unless you click on a link to log in right away, it's probably a phish. For more tips on how to protect yourself and stay safe online, visit the C&IT Phishing information page. If you have additional questions, feel free to contact the C&IT Help Desk at (313) 577-4778 or helpdesk@wayne.edu. Wayne State University Wed, 20 Nov 2013 00:00:00 EDT http://computing.wayne.edu/news-item.php?id=12927 Phishing Alert - "Urgent Notice!" http://computing.wayne.edu/news-item.php?id=12897 Wayne State C&IT has received reports of a new phishing attack designed to acquire your AccessID and password. The email, with subject line "Urgent Notice!" reads as follows: Dear User, Due to the recent phishing attacks all active users are to secure their accounts via the attachment on this email. Do so immediately to avoid service suspension Wayne IT Secure The attached page is shown below. C&IT has blocked access to this page on the Wayne State networks, but you can still fall victim to this scam off campus or on a mobile computing device. DO NOT enter your AccessID and password on this page. If you receive this email, delete it immediately. If you have fallen victim to this phishing email or have any other concerns about the security of your account, please contact the C&IT Help Desk ASAP at (313) 577-4778. Wayne State University Wed, 13 Nov 2013 00:00:00 EDT http://computing.wayne.edu/news-item.php?id=12897 Adobe Password Breach http://computing.wayne.edu/news-item.php?id=12852 You may be aware that Adobe was recently the victim of a hack of over 153 million accounts that exposed millions of passwords and password hints, among other confidential information. C&IT has analyzed the information that was made public to find risks to our users and found that over 3500 of these accounts belong to users who signed up with a Wayne State email address. Many more Wayne State users are at risk that we cannot identify simply because they created their account with a different email address. If you have an Adobe account, change your Adobe password immediately and be sure to change the password of any account that shares this password. To keep yourself safe in the future, do not use the same password for multiple accounts and use a password manager such as LastPass to store each unique password and keep keep them all safe. If you need any assistance or are concerned about the security of your Wayne State account, contact the C&IT Help Desk at (313) 577-4778 or helpdesk@wayne.edu. Wayne State University Thu, 07 Nov 2013 00:00:00 EDT http://computing.wayne.edu/news-item.php?id=12852 Phishing ALERT - CryptoLocker Ransomware Threat http://computing.wayne.edu/news-item.php?id=12814 Wayne State email users have been targeted with email attacks that infect Windows computers with a "ransomware" virus called CryptoLocker.  What does this virus do? When this virus infects a system, it immediately encrypts the user's data and possibly the data on any external drives (such as USB/thumb drives) or network share drives to which the machine is currently connected. Once the data has been encrypted, the virus prompts the user to pay money by a specified deadline to decrypt the data. If there is no response before the deadline, the key to decrypt files specific to the encrypted machine is destroyed. Once the files are encrypted there are no other alternatives EXCEPT to recover the data from an offline backup. What does this virus look like? A screenshot of CryptoLocker is below. If you see this on your computer, do not attempt to resolve the problem. See the "What should I do if I get infected?" section below. Will your Antivirus program protect you? At this time, both Symantec and other major antivirus vendors have updated signatures to this virus and prevent its infection. However, they do NOT not have a way to decrypt the files once they have been encrypted.  It is critical that you keep your antivirus active and updated daily. Remember, Wayne State students, faculty, and staff can download Symantec Endpoint Protection for free at clearinghouse.wayne.edu by following the yellow Visit Clearinghouse button, entering your AccessID and password, and clicking on the Free Software link at the top of the page.  What you can do to protect your computer and your data? Do NOT open attachments from people you are not expecting to get attachments from. This includes emails from printers saying they have sent you a scanned document, or from shipping companies stating there is a customer support issue. Continue to keep your antivirus signatures updated. Store your important files on the network which is recoverable and backed up daily. Contact your local support person for advice. What should I do if I get infected? Immediately disconnect your network cable or wireless switch, turn off your computer, and contact the C&IT Help Desk at (313) 577-4778. Do not attempt to move files or circumvent the problem. What is C&IT doing about it? We have blocked email to campus mail servers that match known signatures for these attachments. However, be aware that attackers often make subtle changes to circumvent such controls. We are monitoring for any evidence that this ransomware has impacted campus machines. We are staying on top of developments and other means to thwart this attack. We are working with IT groups across campus to implement awareness and technical control measures. Wayne State University Wed, 06 Nov 2013 00:00:00 EDT http://computing.wayne.edu/news-item.php?id=12814 New Phishing Email: "DEAR STAFF OF Wayne State University" http://computing.wayne.edu/news-item.php?id=12639 Wayne State C&IT has received reports of a new phishing email. A screenshot of the "DEAR STAFF OF Wayne State University" message appears below (click for a larger copy). The message is NOT LEGITIMATE and was NOT SENT by Wayne State University. Mousing over the link in the email message would reveal that the link does not connect to any official Wayne State webpage. If you received this message, please delete it immediately. Do NOT click on any of the links. If you did click on the link and entered your AccessID and password on the fake login page, please contact the C&IT Help Desk immediately at (313) 577-4778. Stay up-to-date with the latest phishing messages that have been caught at Wayne State. Visit the PhishTank: http://computing.wayne.edu/phishtank ​ Wayne State University Mon, 14 Oct 2013 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=12639 Email Phish Warning: "New Course Form" http://computing.wayne.edu/news-item.php?id=11746 Wayne State students, faculty, and staff have reported a new phishing email that claims to be from Blackboard. A screenshot of the "New Course Form" message appears below. The message is NOT LEGITIMATE and was NOT SENT by Wayne State University. Mousing over the link in the email message would reveal that the link does not connect to Wayne State's Blackboard server, blackboard.wayne.edu. If you received this message, please delete it immediately. Do NOT click on any of the links. If you did click on the link and entered your AccessID and password on the fake login page, please contact the C&IT Help Desk immediately at (313) 577-4778. Stay up-to-date with the latest phishing messages that have been caught at Wayne State. Visit the PhishTank: http://computing.wayne.edu/phishtank   Wayne State University Wed, 28 Aug 2013 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=11746 Caution: "Urgent Notice" Phishing Email http://computing.wayne.edu/news-item.php?id=12041 Wayne State C&IT has received multiple reports of a phishing email being sent to faculty, staff, and students today. A screenshot of the image is below. Be aware that this email is not from Wayne State. The link takes you to a page that looks exactly like the Wayne Connect login page - THIS IS A FAKE PAGE. Do not click links in any suspicious emails and when accessing a Wayne State login page, type the URL or access the page via your own bookmark. If you have fallen victim to this phishing scam, call the C&IT Help Desk immediately at (313) 577-4778. For more information, you can always visit security.wayne.edu. Wayne State University Sun, 21 Jul 2013 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=12041 Phishing Alert: "Webmaster of Wayne State University!" http://computing.wayne.edu/news-item.php?id=11844 C&IT has been alerted of a new phishing attempt designed to steal your Wayne State account credentials. Always keep in mind some basic tips for protecting your information - only enter IDs and passwords on websites you know you can trust. Wayne State will never ask you for your password. Find a copy of the phishing attempt below. Subject: Webmaster of Wayne State University! Date: Mon, 10 Jun 2013 14:56:17 +0300 From: WSU <help@it.net> To: Recipients <help@it.net> Your University's Email account has been sending numerous spams emails from a foreign ip recently. As a result you may not be able to send new mail. However, you might not be the one promoting this Spam, as your e-mail account might have been compromised. To protect your account from sending spam mails, You are to confirm your true ownership of this account, Kindly follow the link below to confirm your ownership of the account. http://www.123contactform.com/sf.php?s=preview-601907&styleid=79172 Failure to do this will violate the University Policy. This will render your account inactive. NOTE!!: You will be sent a password reset message within 48 hours after undergoing this process for Security reasons. The office of Information Security will keep this updated if information should change, but we encourage all users to run their updates after the expected release of this patch. Wayne State University 42 W. Warren Ave. Detroit, MI 48202 (map) (877) WSU-INFO E-mail: support@it.net Wayne State University Mon, 10 Jun 2013 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=11844 Email Phish: "URGENT: IMPORTANT NOTICE" aka SpamKiller http://computing.wayne.edu/news-item.php?id=11804 Wayne State students, faculty, and staff have reported a new phishing email that claims to be from the "Management of Wayne State University" and includes an attachment with a fake "SpamKiller" installer. A screenshot of the "URGENT: IMPORTANT NOTICE" message appears below. The message is NOT LEGITIMATE and was not sent by Wayne State University management.  If you received this message, please delete it immediately. Do NOT open the SpamKiller attachment. It takes you to a fake login screen (seen here), where it will capture your AccessID and password and send them to Bad People. If you have already opened the attachment and filled out the form, then change your AccessID password immediately.  If you need assistance, please contact the C&IT Help Desk at (313) 577-4778. Stay up-to-date with the latest phishing messages that have been caught at Wayne State. Visit the PhishTank: http://computing.wayne.edu/phishtank If you have any questions or concerns about the security of your account, please contact the C&IT Help Desk immediately at (313) 577-4778. Wayne State University Tue, 04 Jun 2013 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=11804 Keep your inbox free of spam with custom filters http://computing.wayne.edu/news-item.php?id=11514 Wayne State University Wed, 24 Apr 2013 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=11514 Email Phish: "Emergency Notice" http://computing.wayne.edu/news-item.php?id=11508 Wayne State University has been the recipient of a new email phishing campaign, with numerous staff, faculty, and students reporting the following malicious email being delivered to them.  Please review this message and be aware that it is NOT LEGITIMATE and was not sent by Wayne State University.  All persons are advised to delete this message immediately if they receive it, and to NOT click on any of the links contained within. Please note the following characteristics of this latest Phishing attempt: The sender's address is NOT from wayne.edu; Poor capitalization; Different mismatching font sizes; Asking you to visit a link that DOES NOT end with wayne.edu; Asking you for your login information.   Keep yourself aware of the latest phishing messages affecting the University by visiting the PhishTank at http://computing.wayne.edu/phishtank.  If you have any questions or concerns about the security of your account, please contact the C&IT Help Desk immediately at (313) 577-4778. Wayne State University Mon, 22 Apr 2013 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=11508 Alert: Very Realistic New Phishing Attempt http://computing.wayne.edu/news-item.php?id=11118 Over the past few days Wayne State C&IT has been alerted about an email that was sent to many Wayne State faculty, staff, and students. This email looked like information about a Webmail Update. If you received this email, hopefully you recognized it as a phishing attempt. Unfortunately, this was one of the best phishing attempts we’ve seen. This scam was designed not only for users of Wayne Connect, but also those who forward their email and those who use an email client such as Microsoft Outlook. Take a look at the email (screenshot below, click for a larger view) and look for the signs that this was not a legitimate Wayne State communication. You might have noticed the From: field had a non-wayne.edu email address, the email did not use the words Wayne Connect, and the email was not formatted like most official Wayne State emails. These are all warning signs that this is a phishing email. Finally, the link led to a page that was nearly identical to the Wayne Connect login page. The final check is to look at the web address at the top of your browser. If it’s not connect.wayne.edu (or whatever website you mean to be on), close the window and type the address in yourself.  If you ever receive an email that you suspect at all of being a phishing attempt, delete it or report it immediately. For the security of your account, the safest way to access Wayne Connect or any service requiring a user ID and a password is to type the URL into your address bar. Links can trick you, but if you type in the address you know where you’re going. Wayne State University Mon, 04 Mar 2013 00:00:00 EDT http://computing.wayne.edu/news-item.php?id=11118 "Wayne Notification Service" Phishing Attempt http://computing.wayne.edu/news-item.php?id=11446 Wayne State users have recently been reporting the following phishing attempt arriving in ther inboxes. Please be aware that this is a scam and delete it immediately. Remember, scammers often alter an email and send it multiple times in an effort to get past filters - you may receive an email that is not identical, but is still a phishing attempt. If you ever suspect you are the victim of a phishing scam at Wayne State, contact the C&IT Help Desk at (313) 577-4778 immediately.   From: Wayne Notification Service <65776565434@libero.it> Date: September 20, 2012, 8:29:25 AM EDT To: undisclosed-recipients:; Subject: Wayne Notification Service Reply-To: Wayne Notification Service <65776565434@libero.it>   Checkout the new WAYNE webmail, its secured, faster and easy, you can give it a try by signing with your correct user and password. click here to sign in: Connect to New Wayne email interface Thanks Wayne Notification Service This message included a link to the following fake Wayne Connect login page. Account credentials entered here were used to compromise WSU security.   Wayne State University Tue, 11 Sep 2012 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=11446 "Confirm Your Email Identity Now" Phishing Attempt http://computing.wayne.edu/news-item.php?id=11447 Wayne State students, staff, and faculty have recently been receiving the following phishing attempt. Remember: never share the account details for any account via email. If you suspect you have been the victim of a phishing scam at Wayne State, call the C&IT Help Desk at (313) 577-4778.   Wayne State University Sat, 05 Nov 2011 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=11447 Students: Beware of WSU scholarship scam in your email http://computing.wayne.edu/news-item.php?id=6702 A scam email is going around this week asking students to apply or sign up for a $2,000 scholarship from Wayne State -- before May 31 or "soon". This email is a phishing attempt to obtain your personal information. REMEMBER: Wayne State will NEVER send an email asking you for personal information, such as your password, birth date, or social security number. You don't have to question the authenticity of such messages -- simply discard them. More information about phishing or suspicious e-mail -- what to do if you receive one and how to report them -- is available on C&IT's website at: http://computing.wayne.edu/email/phishing.php Also note that C&IT staff have adjusted the university's anti-spam appliance to catch these emails and are attempting to block all emails from the address being used. If you have additional questions or already applied to one of these scam emails, you can contact the C&IT Help Desk at (313) 577-4778 or helpdesk@wayne.edu. Wayne State University Tue, 24 May 2011 23:00:00 EDT http://computing.wayne.edu/news-item.php?id=6702