National Cyber Security Awareness Month

October is National Cyber Security Awareness Month (NCSAM). Sponsored by the National Cyber Security Division within the Department of Homeland Security and the National Cyber Security Alliance, NCSAM has, since its inception in 2004, promoted educating the public about cyber security threats, how to recognize and prevent them, and how to remain safe while online.

In a series of articles presented over the next few weeks on the Technology Service Center blog, we’ll address some of the most pressing cyber security issues and how they affect the average online user. These articles will cover such topics as identity theft and how to prevent it, and scams, phishing, hoaxes, and other tricks of the cyber theft trade. You’ll find these, and other pertinent IT Information at:  http://sites.sju.edu/oit/

In addition, we’re also gearing up for a presentation in October entitled Cyber Security: Protecting Your Data – Protecting Yourself. Keep an eye out for these and other upcoming events and announcements.

If you have any questions, please contact  the SJU Technology Service Center at techhelp@sju.edu  or Ben Jezierski, IT Training Coordinator at bjeziers@sju.edu.

Welcome back, Students!

Welcome back to Hawk Hill!

We hope you had a wonderful summer.  While you were hopefully enjoying the weather, we in Information Technology had a very busy and productive few months! Here are just a few of the things you can look forward to now that you are back on campus:

– the opening of our new Technology Service Center (TSC) in Science Center 129

– student email has been transitioned to Gmail

– the new Hawk Card which can be used at ACME, CVS, Dake’s Drugstore, Dana Hot Yoga, Hess Express, Fellini’s Cafe, KFC, Landmark Americana, Larry’s Steaks, and Taco Bell

– improved wireless in Mandeville Hall

– the addition of wireless in the Fieldhouse and the Ramsay Center

– training workshops during Free Period designed specifically for students (topics include: Pivot Tables,  Charts and Graphs, Tables of Contents, and Footnotes and Bibliographies)

More information can be found on each of these topics on our Twitter (https://twitter.com/sjuit) or by liking us on Facebook at http://www.facebook.com/SJUTSC.

Have a great semester!

Gone Phishing

According to the website New Jersey Info Secure, phishing is defined as “… a scam in which an email message directs the email recipient to click on a link that takes them to a web site where they are prompted for personal information such as a pin number, social security number, bank account number or credit card number.” (State of New Jersey, 2008).

Once obtained, this information can be sold to various marketing agencies for profit, or used by cyber criminals to commit identity theft in order to empty bank accounts  or to facilitate fraudulent purchases.

In January of 2010, TechAdvisory.org presented the following figures related to phishing scams and their effects on the Banking industry:

  • Each phishing attack involves a very small percentage of customers (0.000564%), but due to the large number of phishing attacks, the aggregated number is significant
  • 45% of bank customers redirected to a phishing site divulge their personal credentials
  • 0.47% of bank customers fall victim to phishing attacks each year, translating to $2.4M-$9.4M in annual fraud losses per one million clients
  • Each financial institution was targeted, on average, by 16 phishing websites per week, translating to 832 phishing attacks per year per bank brand (Tailwind Interactive,Ltd., 2010)

Don’t Take the Bait

Knowing that devistating financial losses can occur to victims of phishing scams, it’s important to be able to spot these emails before responding to to them.

PhishTank provides the following clues for identifying fraudulant phishing emails (examples are my own):

  • Generic greeting. Phishing emails are usually sent in large batches. To save time, Internet criminals use generic names like “First Generic Bank Customer” so they don’t have to type all recipients’ names out  and send emails one-by-one. If you don’t see your name, be suspicious.

“Hello Dear,

My name is Miss Aminata Bangali, resident in Ghana, Africa: The main reason I have decided to contact you today is i seek your assistance to helping me transfer my INHERITED MONEY DEPOSITED IN A SECURITY AND FINANCE COMPANY in MADRID SPAIN to your country for investment.

  • Forged link. Even if a link has a name you recognize somewhere in it, it doesn’t mean it links to the real organization. Roll your mouse over the link and see if it matches what appears in the email. If there is a discrepency, don’t click on the link. Also, websites where it is safe to enter personal information begin with “https” — the “s” stands for secure. If you don’t see “https” do not proceed.

“In order to verify your correct account information and ensure that your account remains open, please visit: http://www.ebayusergroup/accounts-updatemyinfo.com”

  • Requests personal information. The point of sending phishing email is to trick you into providing your personal information. If you receive an email requesting your personal information, it is probably a phishing attempt.

“And also 10% had been mapped out for you for the expense you will make in this transaciton and 50% is for me. I need your informations so that Iwill send you the application form.

YOUR FULL INFORMATIONS
Your Name………
Your Home Addresses.. ….
City.. ……
Country.. ……
Home Telephone.. …..
Private Telephone.. ……”

  • Sense of urgency. Internet criminals want you to provide your personal information now. They do this by making you think something has happened that requires you to act fast. The faster they get your information, the faster they can move on to another victim. (PhishTank)

“I am asking for your partnership in re-profiling funds ($18.350.000 Million) i am contacting you because you live outside Hong Kong. Finally, note that this must be concluded within two weeks. Kindly write back and i look forward to hear from you so i can give you more information about myself and the nature of the funds.”

As seen in the above examples, misspelled words and incorrect punctuation are also indicators of fraudulant emails.  Phishing scams are bulk e-mails, so their perpetraitors don’t have a lot of time to focus on the details.

Don’t Get Caught

The Federal Trade Commission offers the following tips to avoid becoming the victim of a phishing scam:

  • If you get an email or pop-up message that asks for personal or financial information, do not reply.  And don’t click on the link in the message, either. Legitimate companies don’t ask for this information via email.
  • Area codes can mislead. Some scammers send an email that appears to be from a legitimate business and ask you to call a phone number to update your account or access a “refund.” Because they use Voice Over Internet Protocol technology, the area code you call does not reflect where the scammers really are. If you need to reach an organization you do business      with, call the number on your financial statements or on the back of your credit card. In any case, delete random emails that ask you to confirm or divulge your financial information.
  • Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your      knowledge.
  •  Don’t email personal or financial information. Email is not a secure method of transmitting personal      information. If you initiate a transaction and want to provide your personal or financial information through an organization’s website, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). Unfortunately, no indicator is foolproof; some phishers have      forged security icons.
  • Review credit card and bank account  statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of  days, call your credit card company or bank to confirm your billing address and account balances.
  • Be cautious about opening any attachment or downloading any files from emails you receive, regardless of  who sent them. These files can contain viruses or other software that can weaken your computer’s security.
  • Forward spam that is phishing for information to spam@uce.gov and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems.
  • If you believe you’ve been scammed, file your complaint at ftc.gov, and then visit the FTC’s Identity Theft website at www.consumer.gov/idtheft. (Federal Trade Commission, 2006)

If you feel that you may have responded to a phishing attempt, If you’re unsure, please contact the SJU Technology Service Center (TSC) at x2920  or by email at techhelp@sju.edu. Remember: The TSC will NEVER ask you for your password or Social Security number.

Sources:

Federal Trade Commission. 2006. FTC Consumer Alert. Federal Trade Commission. [Online] October 2006.

PhishTank. What is phishing? PhishTank. [Online] http://www.phishtank.com/what_is_phishing.php.

State of New Jersey. 2008. State of New Jersey. New Jersey Info Secure. [Online] October 2008. http://www.state.nj.us/njinfosecure/newsletters/approved/200810.html .

Tailwind Interactive,Ltd. 2010. New Study Reveals Extent of Losses Due to Phishing Attacks. TechAdvisory.org. [Online] January 1st, 2010. http://www.techadvisory.org/2010/01/new-study-reveals-extent-of-losses-due-to-phishing-attacks/.

 

 

 

 

 

National Cyber Security Awareness Month

October is National Cyber Security Awareness Month (NCSAM).  Sponsored by the National Cyber Security Division within the Department of Homeland Security and the National Cyber Security Alliance, NCSAM has, since its inception in 2004, promoted educating the public about cyber security threats, how to recognize and prevent them, and how to remain safe while online.

According to the July 26, 2011 edition of the eMarketer Blog, an estimated 148 million US consumers purchased something online.  Internet Retailer estimates that retail sales reached $44.1 billion by the end of 2010.  Each of these online transactions required some form of sensitive information like Credit Card numbers, Checking Account numbers, or PayPal Account information.

Looking at the figures, it’s pretty easy to see why cyber security has become an ever-increasing area of concern.

In a series of blogs presented over the next several weeks, I’ll be exploring some of the most pressing cyber security issues and how they affect the average online user.  These blogs will cover such topics as identity theft and how to prevent it, and scams, phishing, hoaxes, and other tricks of the cyber theft trade.

In addition, we’ll be gearing up for a presentation in October entitled Cyber Security:  Protecting Your Data – Protecting Yourself.  Keep an eye out for these and other upcoming events and announcements.

I should also mention that the new IT Training Room is almost finished. I’ve received several e-mails asking about when training classes will resume.  Our plan is to begin offering classes again during the first week of September.  Aside from the standard intro courses, we’ll be offering a complete menu of custom courses, Master Courses offering certificates of completion, and for the first time, we’ll also be featuring a few courses during free period specifically developed for students.

If you have any questions, please contact Ben Jezierski, IT Training Coordinator at Ext. 3386, or by e-mail at bjeziers@sju.edu.

The Help Desk is Moving!

On Wednesday, August 8th, the Information Technology Help Desk will be moving to Science Center 129 into the newly renovated Technology Service Center (TSC).  On Wednesday, during the move, our staff will still have email access and we will continue to have staff at our current location in Barbelin 30.  During the transition to the Technology Service Center, you can reach us the way you normally would at helpdesk@sju.edu or by calling x2920.

On Monday, August 13th, we will officially open the TSC  in Science Center 129.

Our hours until the start of the Fall semester will be:

Monday – Thursday: 7:30-6:30

Friday: 7:30-5:00

We will continue to provide updates about the TSC on our Twitter (https://twitter.com/sjuit) and the TSC blog (http://sites.sju.edu/oit/).  Pictures of the construction progress can be seen by liking us on Facebook at http://www.facebook.com/SJUTSC.

We look forward to your feedback about our new location!

Student Email Transition

We wanted to notify you of some exciting news!  We are in the process of transitioning your SJU email account to a new email system powered by Google.

This new system will provide email to all SJU students, as well as a suite of other Google products that will enable our University to better communicate.  As of today, the target go live date is August 14th, 2012.

What do I need to do?
Nothing for now. Your old email address won’t change, and you will be able to access and import all of your old messages into the new system. Once we turn on your new Google-powered account, you’ll be able to search and access all your mail from any internet-connected computer.

What will I get?

 

  • 25 Gigabytes of email storage. No more worries about having to delete mail.

 

  • Google Calendar to schedule meetings, create events, and share calendars with others.

 

  • Access to your information from anywhere with an internet connection, including your mobile device.

 

We will be in touch again when we get closer to completing the transition to Google Apps on August 14th, 2012.

Support for OS X Mountain Lion

Apple has released OS X Mountain Lion(10.8) this week, and the Office of Information Technology will test the new operating system before supporting it for the University community.

While the update from OS X Lion (10.7) to Mountain Lion isn’t expected to be as dramatic as was the move from Snow Leopard  (10.6) to Lion (10.7), OIT still needs to test key applications and University systems with the new operating system.

Some common software applications, such as Adobe CS 5, have already been reported to have issues with Mountain Lion. A great resource for checking application compatibility is RoaringApps.

OS X Mountain Lion will be available for free on University-owned computers per SJU’s site license with Apple; there is no need to pay to upgrade University-owned computers to Mountain Lion.  You will not need to purchase this upgrade separately for your computer.

As soon as OIT’s testing is complete, support for OS X Mountain Lion will be announced to the University community.

More details about OS X Mountain Lion are available on Apple’s website. If you have questions, please contact us at techhelp@sju.edu or 610-660-2920.

Big News from Fr. Gillespie – Launch of SJU’s New Website!

Dear Colleagues,

 

I am pleased to inform you that Saint Joseph’s will launch its new image campaign – “That’s The Magis – Live Greater” – in conjunction with the opening ceremonies of the 2012 Summer Olympics on Friday, July 27.  The University has secured a lead sponsorship for all 17 days of coverage in the NBC10 region, and we hope you share our enthusiasm about this opportunity to broadcast the distinct advantages of a Saint Joseph’s education to our primary audiences.

 

The sponsorship package includes both 30-second commercials (40 total) and five-second “billboards” (70 total) throughout the opening ceremonies, prime time and weekend coverage, and the closing ceremonies on August 12.  In addition, NBC10 will broadcast the daily “10! Show” live from Saint Joseph’s tomorrow morning to preview the campaign and air related features from the University.

 

Members of the campus community are welcome to be part of the “10! Show” audience.  Taping begins at 10:00 a.m. in the Foley Center on the Maguire Campus, with the show airing on NBC10 at 11:30 a.m.  The first 100 people in place in the Foley Center by 9:45 a.m. will receive a new “That’s The Magis” t-shirt as our gift.

 

Later on Thursday, a new interactive SJU.EDU web site will be launched.  It will include all of the Olympics television commercials as well as a wide range of new media content spotlighting all aspects of the University.  You can preview the new web site beginning at 12 noon tomorrow by clicking www.sju.edu.

 

I would like to thank all who contributed to the many stages of image campaign development over the past year.  In particular, the faculty, staff, students, trustees and alumni who took the time to participate in market research, focus groups and creative concept testing provided invaluable feedback along the way.  This campaign provides us a unique platform from which to convey the enduring value of the Saint Joseph’s experience, and we hope it is a true point of pride for Hawks of all ages.

 

Thank you, again.  We have much to celebrate!

 

C. Kevin Gillespie, S.J. ’72

President

Technology Service Center Update!

As you know, construction has been underway on the new Technology Service Center (TSC) in SC129 since the end of the spring semester. We are thrilled with the progress and we think you will be too.  We are on schedule to move in during mid-August.  At this time, walls are in place and ceilings are about to go up!

As we have mentioned before, the goal of our move is to create a full IT service center that will address the technology support needs of all faculty, staff and students in one convenient location.  In order to accomplish this, our entire Help Desk will be moving to this location along with our IT Purchasing department, our Training Coordinator, and our Technical Support team.

The members of our TSC team are:
Lauren Adams – Director, User Services
Richard Trench – Assistant Director, Technical Services
Bill Endrizzi – Technical Support Specialist
James Marano – Technical Support Coordinator
Olivia Ward – Manager, IT Procurement and Communications
Rhiannon Mayer – Service Desk Manager, User Services
Ben Jezierski – IT Training Coordinator

During the next few weeks, we will continue to provide additional updates about the TSC on our Twitter (https://twitter.com/sjuit) and the TSC blog (http://sites.sju.edu/oit/).  Pictures of the construction progress can be seen by liking us on Facebook at http://www.facebook.com/SJUTSC.

[nggallery id=1]