April 2016

Phishing Alert | "Mailbox Helpdesk"

Posted April 25, 2016

Tags:



Employees recently received an email claiming to be from the Wheaton College IT Department. The email asks the recipient to follow a link and sign in to update their mailbox and prevent phishing, warning that their account may be deactivated if they do not update. The link in the email leads to a fraudulent webpage that asks for the recipient's email address and password.

This email is a phishing attempt. Do not click on any of the links in the email or provide your email address and password to the sender. Thank you to all who reported this scam.

If you responded to this scam and provided your email address and password, please contact us at 630.752.4357 (HELP).

Spotting Phishing Attempts

Phishing Example

The image above is a screenshot of this phishing attempt. Several things indicate that this email is not what it claims to be:

  1. The email claims to be from the IT Department, but was sent from a personal email account. This email address almost certainly belongs to someone who fell for this scam previously and lost control of their account.
  2. The subject line is very vague. While subject lines like this don't always indicate a phishing attempt, it's still a sign to be more cautious than usual.
  3. Check to see if the URL matches the supposed sender. You can often hover over links to see the URL. This email claimed to be from Wheaton College, but the link directed people to a non-Wheaton website. Any emails from Academic and Institutional Technology will direct you to a www.wheaton.edu webpage. We will never provide a link in an email that sends you directly to a page where you are asked to input your password.
  4. Numerous grammatical mistakes indicate that this is not the official email it claims to be.
  5. A legitimate email from Academic and Institutional Technology will include contact information for our department. We always want you to be able to check in with us and ask questions if you're not sure about an email we sent. If there is no contact information, the sender is not affiliated with AIT.

Always exercise caution when responding to emails. If you're not sure whether an email is legitimate, contact us or call 630.752.4357 (HELP).

Phishing Alert | "#UNUSUAL #ACTIVITY"

Posted April 25, 2016

Tags:



Some employees recently received an email claiming to be from the Canadian Imperial Bank of Commerce. The email tells the recipient that their account was blocked because of unusual activity, and asks them to follow a link and provide their account information in order to unblock it.

This email is a phishing attempt. Do not click on any of the links in the email or provide any information to the sender. Thank you to all who reported this scam.

If you responded to this scam, please contact us at 630.752.4357 (HELP).

Spotting Phishing Attempts

Phishing Example

The image above is a screenshot of this phishing attempt. Several things indicate that this email is not what it claims to be:

  1. The email claims to be from the Canadian Imperial Bank of Commerce, but was sent from an unrelated email account.
  2. The subject line is in all caps and is unusual for a bank. While subject lines like this don't always indicate a phishing attempt, it's still a sign to be more cautious than usual.
  3. Check to see if the URL matches the supposed sender. You can often hover over links to see the URL. This email claimed to be from the Canadian Imperial Bank of Commerce, but the link directed people to an unrelated website.
  4. The email includes a misspelling and some grammatical errors, which is unusual for an official email.
  5. A legitimate email from any institution should include contact information such as an email address and phone number. If you don't see that, it's often because the sender is only pretending to be affiliated with a company or college.

Always exercise caution when responding to emails. If you're not sure whether an email is legitimate, contact us or call 630.752.4357 (HELP).

Changes to Jabber

Posted April 25, 2016

Tags: ,



Effective Date: April 25, 2016

In order to use our resources more effectively, we will make some changes to the Jabber configuration on some College-owned computers over the summer months. You will receive an email notification if this change effects you.

Impact on College Community

You will be able to use Jabber to:

  • Look up phone numbers for people in the Wheaton College directory
  • Initiate calls to people in the Wheaton College directory
  • See the status (available, on a call, etc.) of your contacts
  • Check voicemail

You will no longer have the option to place phone calls using your computer's microphone and speakers. All phone calls you initiate using Jabber will be routed through your desk phone. If your job requires you to place phone calls using your computer's speakers and microphone, please contact us and we will re-enable this feature for you.

If you have any questions, please contact us or call 630.752.4357 (HELP).



Removal of QuickTime from College-Owned Windows Computers

Posted April 25, 2016

Tags: ,



Effective Date: April 27, 2016

Because of two recently-discovered security vulnerabilities and Apple's depreciation of QuickTime for Windows, we will uninstall QuickTime from College-owned Windows computers beginning Wednesday, April 27.

Typically, companies like Apple provide regular updates to their software in order to repair known security vulnerabilities. When a company discontinues software, they stop providing these updates. Apple discontinued support for QuickTime for Windows earlier in April. At the same time, two QuickTime security vulnerabilities were announced. These vulnerabilities could allow a hacker to use QuickTime as a disguise for malicious code.

Uninstalling QuickTime will prevent the exposure of your personal data and information to those exploiting security vulnerabilities. We will uninstall QuickTime beginning Wednesday, April 27. No action is required, though we recommend all Windows users restart their computers at the end of the day on April 27 to help ensure QuickTime is uninstalled.

If you used QuickTime to play media files, you can use VLC media player instead, which is already installed on your computer.

You can read more about why we're uninstalling QuickTime in this alert from the Department of Homeland Security's Computer Emergency Readiness Team, including the listed references.

If you use QuickTime for Windows on a personally-owned computer, we recommend you uninstall it. Apple provides instructions on how to do so here. After uninstalling QuickTime, older versions of iTunes may stop working. If this happens, you can install the latest version here.

If you have any questions or concerns, please contact us or call 630.752.4357.

Phishing Alert | "E-mail Verification Notice"

Posted April 6, 2016

Tags:



Students and employees recently received an email claiming to be from a Wheaton College Web Administrator. The email says that the recipient must verify their email account in order to increase security, warning that their account may be deleted if they do not comply. The link in the email leads to a fraudulent webpage that asks for the recipient's email address and password.

This email is a phishing attempt. Do not click on any of the links in the email or provide your email address and password to the sender. Thank you to all who reported this scam.

If you responded to this scam and provided your email address and password, please contact us at 630.752.4357 (HELP).

Spotting Phishing Attempts

Phishing Example

The image above is a screenshot of this phishing attempt. Several things indicate that this email is not what it claims to be:

  1. The email claims to be from a Wheaton Web Administrator, but is not sent from an @wheaton.edu account. This email address almost certainly belongs to someone who fell for this scam previously and lost access to and control of their account.
  2. Check to see if the URL matches the supposed sender. You can often hover over links to see the URL. This email claimed to be from Wheaton College, but the link directed people to a non-Wheaton website. Any emails from Academic and Institutional Technology will direct you to a www.wheaton.edu webpage. We will never provide a link in an email that sends you directly to a page where you are asked to input your password.
  3. A legitimate email from Academic and Institutional Technology will include contact information for our department. We always want you to be able to check in with us and ask questions if you're not sure about an email we sent. If there is no contact information, the sender is pretending to be affiliated with AIT.

Always exercise caution when responding to emails. If you're not sure whether an email is legitimate, contact us or call 630.752.4357 (HELP).

Media Center