Safe Computing @ Andrews

A Message from the CIO

Email phishing schemes continue to catch several Andrews University email users each week. Those creating these emails are using increasingly clever methods to fool people into giving out their usernames and passwords. One of these methods is to create messages that are very similar to actual emails sent by the University. [In the last couple of days,] messages with a subject line of “Re-confirm Pay-Roll For October” were attempted to be sent to Andrews University emails. Most were captured in the University’s spam filtering system and would be visible only in the [Google] Quarantine message unless the email user released them to their email.

This spam filtering system only processes email from servers not in the Andrews system–email from Andrews addresses would not be in the Quarantine email unless they are sent from off campus servers. If you do see messages that appear to be from Andrews in the Quarantine email, they are very likely to be coming from someone impersonating an Andrew’s user and would most likely be malicious.

The following are important guidelines to help avoid falling for these schemes:

Do not release questionable messages (such as messages about payroll coming from a non-Andrews email address) from your Quarantine or if you must, treat them with great caution.
Be very wary of clicking on links in emails. If possible, verify that the actual link is not different from what is displayed and make sure that it is a valid Andrews link (let your cursor rest on the link without clicking and see the actual link in a popup window or status bar at the bottom of the window). Even safer would be to go find the website yourself rather than depending on the link in the email.
If you are unsure, ask for advice. You may contact your ITS Building Technician or the Technology Helpdesk if you are uncertain about an email.

Thank you very much for being alert in avoiding these schemes. This will reduce problems for you, save many hours of work for ITS staff in removing spam email generated by those misusing Andrew’s usernames and passwords and help prevent University emails being blocked by other sites.

Sincerely,

Lorena Bidwell
Chief Information Officer
Andrews University

Take the Time, Be Informed

Phishing Scams

When Internet criminals impersonate a business to trick you into giving out your personal information, it’s called phishing. Do not reply to email, text or pop-up messages that ask for your personal or financial information. Don’t click on links within them either—even if the message seems to be from an organization you trust, like Andrews University—It is not! Legitimate businesses don’t ask you to send sensitive information through insecure channels.
Malicious email typically uses urgent language, asks for passwords, bank account numbers, user names, credit card numbers or other personal information; and may have grammatical, typographical or other obvious errors.

Spear Phishing: Scam, Not Sport | Norton
Phishing | OnGuardOnline.gov
Recent Phishing Emails at Andrews University
Take this "phishing" quiz from OnGuardOnline.gov
Report phishing attempts. If you suspect an email to be a phishing attempt, forward the entire email to helpdesk@andrews.edu.

What happens if I am scammed?
If you think you gave personal information in response to a phishing email or on a suspicious webpage, your account may be compromised.

Change your Andrews password. Sign in to Vault, then select "Change Your Password."
Carefully review any online accounts that became vulnerable as a result of responding to the email message.

Report Possible Phishing Scams and IT Security Incidents
If you have received an email that you believe is a potential phishing scam, it is important that you report the incident(s) as soon as possible so that work can begin to investigate and resolve them. Forward the suspected phishing email to the ITS Technology Helpdesk at helpdesk@andrews.edu. IT security incidents include but are not limited to items listed in 1:762:10 General Guidelines of the Andrews University Computers & Networks Policy.

Still Not Sure?
The following links are well-known services to check domains for reports of phishing, scams and spam email. They let you search for websites and domains that have been reported by others as being good or bad.

https://community.opendns.com/domaintagging/
https://www.mywot.com/en/scorecard
http://www.phishtank.com/

Email Safety

Set up your spam filter. Search online for various tutorials concerning instructions for your email client. Andrews University uses a spam filter by Google. For more information, see Manage Spam Emails at Andrews.
Block unwanted instant messages. Spam attacks instant messenger as well, so set up your spam filter on your messaging client.
Block Images. Pictures sent through email can be modified to communicate with the sender. Spammers use the info to find active email addresses so prevent pictures from downloading until you’ve read the message. Check your email User’s Guide to learn about this feature.
Only share your primary email address with people you know
Set up an email address dedicated solely to web transactions
Watch out for pre-checked boxes. When you buy or download online, companies sometimes pre-select check boxes to trick you. Make sure to read all check boxes and uncheck anything you don’t agree with.
Delete junk email messages without opening them. Some emails contain hooks that capture your email address when you open the email.
Don’t reply to spam emails. Be wary of messages that include a link to "remove me from this list."
Don’t give out personal information in an email or instant message.
Think twice before opening attachments or clicking links in e-mail or instant messages. Viruses can attach themselves to email and infect your computer when you click on them.
Don’t buy anything or give to any charity promoted through spam. Spammers often swap email lists. So, buying something from spam mail may result in your name being passed to another spammer resulting in even more spam being sent directly to you.
Don’t forward chain email messages. You can easily lose control of who sees your email address and further provide your email address to additional spammers.
Report abusive, harassing, or threatening email messages to Student Life and Campus Safety.
Report phishing scams or fraudulent emails to the company who was misrepresented by contacting them directly.

Recommended Malware / Virus Protection

Our office recommends the following free software for effective anti-virus and anti-malware protection:
Windows:

Malwarebytes
Windows Defender | Built-in to Windows 8.1 and 10
Microsoft Security Essentials

Mac:

Information Technology Usage Policy
OnGuardOnline.gov	The federal government’s website to help you be safe, secure and responsible online.
US-CERT	Tips from the U.S. Computer Emergency Readiness Team, the official website of the U.S. Department of Homeland Security.