Office of Information Technology
Welcome to the Florida Tech Information Technology Cyber Security web page. In today's digital world there are many security concerns. In an effort to address these concerns, the I.T. department has created this central location to educate and inform users, allowing you to increase your safe computing awareness.
Security awareness aims to persuade a computer user to follow behavior that will increase the protection of data and privacy when using a computer. Many safe computing activities, such as installing malware detection software, keeping operating systems patched and up-to-date, using strong passwords, and avoiding harmful websites, are used together to protect computing resources and data. The more of these activities are used, the stronger the protection. By educating users on security awareness we take the first step toward defending our computer resources, data and information from these threats, which minimizes the damage and time it would take to recover from a breach.
Current Malware Threats
A current list of Malware, Malicious Attacks, Phishing and SPAM attempts as well as update notifications will be provided below, and updated as needed.
Recent Phishing Campaigns
You've heard the terms phishing and spear phishing pretty often by now. But do you know what phishing actually is and what the difference between phishing and spear phishing is?
Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message.
Spear phishing is the targeting of specific companies or individuals, using hand-crafted messages meant to trick them into divulging personal or confidential data for unauthorized use. ... Instead of a mass email sent to a wide swath of people, spear phishing focuses on one particular user or organization.
Most of the messages we receive are phishing. The ones this week are actually spear phishing. They are edited to cater to University personnel.
We received two different spear phishing emails this week; both appear to come from Dr. McCay with an attachment that needs to be filled out.
Clicking on the attachment opens a document that looks like this:
Upon entering information, the page refreshes and thanks you for your submission. The victim's information has just been sent to the phishers. If you find yourself a victim, you will need to contact Tech Support at x7284 and reset your password immediately.
So how do we know this is phishing and not an actual email from Dr. McCay?
1. Neither of the actual From addresses was @fit.edu or any email address that Dr. McCay would use. Most communications that come from the President are actually sent out by one of his staff with a FIT address.
2. Dr. McCay can spell and his grammar is pretty good the last time I chatted with him. I agree that spelling mishaps happen to us all, but usually if it's an important message we would use spell check.
3. The secure document looks a bit phishy, and when you hover over it, a link is displayed that directs you off to some outside place far from a secure FIT resource.
Report suspicious messages to firstname.lastname@example.org . We will be able to examine the messages and attachments and determine if they are malicious or not.
We have also faced spear phishing scams sent to individuals asking for a 'favor' or some sort of payment, which is usually sent from a VP like Dr. McCay, Dr. Catanese or Bill Jurgens. If you receive a message like this, please send it as an attachment to email@example.com
The SANS Security Awareness Newsletter 'OUCH!' is full of great articles and resources. The November edition has a straightforward article listing what to look for and what to do if you have been 'hacked'. To read the article or subscribe to their newsletter please visit: https://www.sans.org/security-awareness-training/ouch-newsletter
Their list of clues that you have been hacked:
1. Your anti-virus program generates an alert that your system is infected. Malware can generate pop-ups that claim your computer is infected; open your AV program to verify where the alert is being generated and run a virus/malware scan.
2. You get a pop-up window saying your computer has been encrypted and you have to pay a ransom to get your files back.
3. Your browser is taking you to all sorts of websites that you did not want to go to.
4. Your computer or applications are constantly crashing or there are icons for unknown apps popping up.
5. Your password no longer works even though you know it's correct.
6. Friends ask you why you are spamming them with emails that you know you never sent.
7. There are charges to your credit card or withdrawals from your bank account that you never made.
Symantec has published their 2017 Internet Security Threat Report and they reported that the number of email-borne malware and virus infections has decreased over the last 2 years even though the number of attempts has increased. This shows that people are becoming more aware of the threats that lurk in their inboxes. 1 in every 220 emails contains a virus and 1 in every 1,846 emails is a phishing attempt. Our email filters keep out the vast majority of infected emails, but phishing is a bit harder for an appliance to catch. 1 in 3,172 websites were found harboring malware. Keeping your operating system, anti-virus and malware scanners current will help to detect these compromised websites before your system becomes infected.
The number of mobile devices (smartphones and tablets) has increased. This leads to an increased threat to these devices. Vulnerabilities are constantly being found and exploited on these devices, which we use daily. Keep your device up to date with OS releases, and do not click on links that come in as text messages unless it is an expected text. Be aware of email attachments on your mobile device; these are vulnerable to viruses and malware just like your workstations and laptops.
The way to avoid becoming a victim? Keep your Operating System and all software up to date, do not click on suspicious emails and have an up-to-date malware/virus scanner on your computer.
If you would like a copy of the Symantec Internet Security Threat Report visit the following website: https://www.symantec.com/security-center/threat-report
Full Copy of the FBI Spear-Phishing Notification: Missing Children
The links below are examples of older Phishing emails reported: (All example emails are in PDF format)
- Phishing Email: Dearest One
- Virus Attachment Email: Corporate Fax (this email has a .zip attachment that is a virus)
- Phishing Email - FBI Bank Fraud
- Phishing Email - Webmail Upgrade
- Phishing Email - 3rd Party Notification
- Phishing Email - Cas.fit.edu Notification
- Phishing Email - Exceeded Mail Quota
If you receive a message stating that you have reached your email quota, that you need to confirm your account, complete an evaluation or change your password, take a close look at the email before clicking on any links. The Florida Tech Information Technology (IT) department will not place links in these types of emails. Most of the phishing and infected emails will have links to websites that have nothing to do with the University. If you suspect that you have received a phishing message, you can forward the message to firstname.lastname@example.org for analysis. If you need to reset your password or check to see if there is an issue with your account, please visit the main IT page at it.fit.edu
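The two clues from the Dr. McCay example earlier on this page (a From address that is not @fit.edu, a link that leads away from a FIT resource) and the advice in the paragraph above can be checked automatically when triaging a reported message. This is an added example, not Florida Tech's own tooling; the sample message, its addresses and the function names are constructed for illustration.

```python
import email
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = "fit.edu"  # the University domain named on this page

def in_domain(host, domain=TRUSTED):
    # Exact match or a true subdomain; "notfit.edu" and "fit.edu.example.test" fail.
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

class LinkCollector(HTMLParser):
    # Collects (href, visible text) pairs so the real target can be compared.
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def triage(raw):
    """Return a list of phishing clues found in a raw email message."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []
    addr = parseaddr(str(msg.get("From", "")))[1]
    if not in_domain(addr.rpartition("@")[2]):
        findings.append(f"From address {addr!r} is not @{TRUSTED}")
    body = msg.get_body(preferencelist=("html", "plain"))
    parser = LinkCollector()
    parser.feed(body.get_content() if body else "")
    for href, text in parser.links:
        host = urlparse(href).hostname
        if host and not in_domain(host):
            findings.append(f"link {text!r} points to outside host {host!r}")
    return findings

# Constructed sample message (not a real email received by the University).
SAMPLE = ('From: "Dr. McCay" <office@mail-example.test>\n'
          'Subject: Secure document\nContent-Type: text/html\n\n'
          '<a href="http://docs.example.test/form">Secure Document</a>\n')
```

A From header can be forged, so an empty result does not prove a message is genuine; it only means these two clues were absent.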
For free Security Software please see the Information Technology Software downloads page located here
For Information Technology Policies click here
If it Looks Too Good to be True it Probably Is
You receive an email that says you've won a prize, that your gift card is waiting or that some Nigerian Prince wants to give you millions of dollars. Is it real? Everyone loves to win something and that is the aim of these scammers. A joint federal law enforcement and industry task force established to battle these scammers has created a website LooksTooGoodToBeTrue.com to help consumers spot these fraudulent messages. The website shares stories from past victims, the many types of fraud, tips, alerts and a place to report suspected fraud. FakeChecks.org is another great resource that also provides a fraud test to help consumers determine if they are a target of fraud.
Do You Know How to Secure Your Mobile Device?
Think about the last time you used your smartphone. Did you check your email? Track your finances? Post a photo or check in to a location? Most likely, making phone calls is just one small part of how you use your mobile phone on a daily basis.
Did you know that about 53% of emails are opened on a mobile device? And that 23% of those emails are opened on that device more than once? The iPhone is the most common mobile device on which users open their email, and iPhones are one of the most targeted mobile devices for malware attacks. This is attributed to the increase in users 'jail-breaking' their device, which removes the protection that is included in the Apple iOS platform.
Additionally, hundreds of thousands of apps—many of them free—provide tools to use our phones to do everything from ordering take-out food to monitoring your exercise routine. However, the ease and accessibility of computing from your smartphone brings increased risks. We should follow simple tips for safeguarding our phones the same way we protect our computers and laptops.
The Federal Communications Commission’s (FCC) recently released Smartphone Security Checker is designed to help the many smartphone owners who aren’t protected against mobile security threats. Click here to access the Smartphone Security Checker and complete 10 quick and customized steps to secure your mobile device.
The FCC also offers these simple tips to secure your mobile device. For additional information on each of the tips or to download a copy, click here.
• Set PINs and passwords. You should configure your phone to automatically lock after five minutes or less when your phone is idle, as well as use the SIM password capability available on most smartphones.
• Do not modify your smartphone’s security settings. Altering your mobile phone’s factory settings undermines the built-in security features offered by your wireless service provider and smartphone manufacturer, making it more susceptible to an attack.
• Backup and secure your data. Backing up your data such as your contacts, documents, and photos will allow you to conveniently restore the information if it is lost, stolen, or accidentally erased.
• Only install apps from trusted sources. Many apps from untrusted sources contain malware that once installed can steal information, install viruses, and cause harm to your phone’s contents.
• Understand app permissions before accepting them. Make sure to also check the privacy settings for each app before installing.
• Install security apps that enable remote location and wiping. Visit CTIA - The Wireless Association® for a full list of anti-theft protection apps.
• Accept updates and patches to your smartphone’s software. By keeping your operating system current, you reduce risk of exposure to cyber threats.
• Be smart on open Wi-Fi networks. When you access a Wi-Fi network that is open to the public, your phone can be an easy target of cybercriminals.
• Wipe data on your old phone before you donate, resell, or recycle it. To protect your privacy, completely erase data off of your phone and reset the phone to its initial factory settings.
• Report a stolen smartphone. The major wireless service providers, in coordination with the FCC, have established a stolen phone database. If your phone is stolen, you should report the theft to your local law enforcement authorities and then register the stolen phone with your wireless provider.
How to Keep Yourself Cyber Safe
National Cyber Security Alliance Resource site: StaySafeOnline.org has a wealth of information to keep you and your family safe online.
Department of Homeland Security Cyber Security Information is available here.
Additional resources, tips and tools to keep yourself and your family safe online are available here: Stop|Think|Connect
It is your responsibility to keep your passwords safe. Below is an article from the Department of Homeland Security encouraging users to evaluate and protect their passwords:
STOP.THINK.CONNECT.™ ENCOURAGES YOU TO EVALUATE YOUR PASSWORDS
Recent high-profile data breaches exposed millions of consumers to increased risks of cyber threat, cyber fraud, and other cybercrime, demonstrating the importance of cybersecurity as a shared responsibility. While industry, government, and small business have a vital role to play in securing their cyber infrastructure and protecting customer data, each of us can be more vigilant about practicing safer online habits—including creating strong passwords and actively managing them.
Our passwords serve as a check point in preventing others from accessing our bank accounts, smartphones, work and personal email, and social networking sites. Take a minute to think about your passwords. How many times do you use the same password to access multiple sites? Is your password based on common 20 questions, such as a middle name, pet’s name, favorite color, or the school you attended? A 2010 study analyzed 32 million breached passwords and found that nearly 50% of users used names, slang words, dictionary words or trivial passwords. The most common password is “123456.”
The Department of Homeland Security’s United States Computer Emergency Readiness Team (US-CERT) shares common mistakes and remedies for creating and protecting your passwords that includes the tip below.
The easiest way to create a secure password is to use a passphrase. Passphrases are one or two sentences with the spaces removed between words like “stopthinkconnectiseasytodo.” Turn the words into shorthand or intentionally misspell a word “Stopthnkcnctisez2do.” Put numbers that are meaningful to you at the end to add length “Stopthnkcnctisez2do2012.” Now the password is complex, hard to guess, and at the same time easy to remember.
Digital Millennium Copyright Act (DMCA)
The Digital Millennium Copyright Act has generated a lot of controversy since it was passed into law in 1998. The act gives the owner or holder of copyrighted materials the ability to enter a lawsuit against those that illegally distribute/share the materials. These materials could be music, movies/shows, software, books, etc. Many Universities have decided to block all file sharing capabilities on their network in order to avoid lawsuits from entities like the Recording Industry Association of America (RIAA), Paramount, Universal, and others. Other Universities, like Florida Tech, have decided not to block Peer-2-Peer software and capabilities; however, we have taken steps to protect our network users and the University as a whole.
EDUCAUSE offers a listing for legal sources of online content here. In accordance with the 2010 Higher Education Opportunity Act we have established our DMCA policy and guidelines. Our Information Technology department does not review the network traffic to detect and persecute individuals who are running torrent software, but we do receive notices from companies who do. When we receive these notifications we are required to make every attempt to internally identify the user, explain the violation and allow the violator the option to dispute the notification. The violation is handled differently depending on the number of prior infractions reported for the individual. A description of the process for each notification can be found here and the policy is available here.
There have been many lawsuits filed for illegal distribution of copyrighted materials and the RIAA recently announced that they are filing lawsuits against 762 illegal file sharers, including individuals at 26 different universities. The announcement can be viewed here. These lawsuits bring hefty fines and penalties, usually in the thousands. Here at Florida Tech we have also had a few students sued for copyright violations. Please keep in mind that Florida Institute of Technology is your Internet Service Provider (ISP) and we will attempt to resolve any DMCA notices that we receive with our standing policy. By ignoring the policies and procedures you place yourself and the University at risk for legal action.
We have uploaded a DMCA notice that was recently received; you can view it here: DMCA notification
Updates and Notifications
Malware/Virus removal Tools, Vendor update notification links and Free Security Checkups:
- Audit My PC
- Apple Flashback Removal Tool
- Apple Security Updates Page
- ESET Free online Scanner
- Symantec Removal Tools
- Sophos Security Tools
- US-Cert.gov Alerts List
- Security Wire - Secure List Threat Alerts
Think you have an infected computer or compromised account/password? Contact Technology Support at http://it.fit.edu/