A recent surge in malware threats has occurred at Owens as well as some other area colleges. As you're likely aware from past messages from ITS, there are many forms of email threats. The most prevalent is still the embedded link. But, in the last two weeks, ITS has become aware of a different type of threat in the form of an email attachment. These attachments can be executable files (.exe or .com). The recent threat seems to be in the form of a .zip file attachment (filename.zip). The sender is addressing the email to make it appear to come from an internal Owens employee. The "From:" address may be displayed as: Administrator (email@example.com). This is not a valid email Owens address. The real address is masked by what's known as a "forged" (or fake) email address, to make it appear that the message is from an Owens email account. The subject of the messages can vary as well.
Opening the attached files can potentially be extremely damaging. Files on your PC and even shared network drives can become damaged, and no longer accessible for all users of shared resources. One specific virus that's been identified recently is what's termed as "ransomware". When the file attachment is opened, it will encrypt files on the local PC as well as attached network drives. It will then pop-up a message on the PC with a ransom demand for a code to decrypt the files. When you check messages in your personal quarantine (MailStore - in Ozone), please be very suspect of any message captured in this quarantine. Messages in MailStore are rated with a SPAM score from 1 - 10, with 10 being the highest threat. Any message with an attachment that is released from MailStore should have the attachment scanned before opening. If your not expecting a message from a sender, or the senders address appears a bit odd or unrecognizable, please contact the HelpDesk at x7120 before opening any attachments or clicking on the email link. It would be a good practice to contact the sender to verify they sent you the message in question if your not sure about it's origin or safety.
The most common Phishing message we tend to see still is a request to "Your mailbox is almost full" , "There's a problem with your email account", "Webmail Verification Update" or "Email Quota Limit Exceeded". These messages will likely ask for your Firstname/Lastname as well as your username/password. If you look closely at the sender email address, you will most likely notice that it is NOT an Owens email address that is sending this message to you! Owens ITS would never ask for this information. The other type of Phishing email will ask you click on a link, which will then take you to 3rd party web page. You will then be asked to enter your login/password information for your Owens email account. If you see an email like this, it is referred to as "phishing", or as definition states: The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise/institution in an attempt to scam the user into surrendering private information that will be used for identity theft. If you do receive any messages like this, please forward them as an attachment to the Helpdesk (firstname.lastname@example.org) by Right-clicking on the messages and then selecting to "Forward as an attachment" to the Helpdesk email address. If you do provide your login information in one of these messages, please contact the Helpdesk at (567)661-7120 ASAP so your password can be changed. This will prevent your account from being used to SPAM other individual's email accounts. Viewing the example messages below, you can see there is a wide variety of email's we receive (you may recognize some of them). ITS asks that you be aware of these types of messages, and if you are suspicious, please contact the Helpdesk.