Kansas State University

search

IT News

Author: Rebecca Gould

An old scam with a new twist, bitcoin demands coming around again

Imagine my surprise toΒ  open an email and learn that I was about to send pornography and video footage to ten randomly selected individuals from my contact list, should I not comply with the demands of $2,000 in bitcoins within 24 hours. Where my heart skipped a beat was in the subject line that included an old password and the first sentence of the email that included the same password.

Here’s how the email started:

“π™Έπš πšœπšŽπšŽπš–πšœ πšπš‘πšŠπš, ——–, πš’πšœ πš’πš˜πšžπš› πš™πšŠπšœπšœπš πš˜πš›πš.”

According to our security experts, this password could have been harvested years ago, stored on the dark web and then sold to scammers –some nefarious individual(s) with too much time on their hands.

After more deep breathing and internet searches, I found this to be an old scam but with a new scarier twist, the revealing of a password. It also listed how many days the scammer had been capturing information about me – 182 days.

What did I do? After a few more deep breaths, I did the following:

  • Sent the email with headers to abuse@ksu.edu.
  • Discussed the email with our technical support staff
  • Checked the scams blog to determine if this had been reported
  • Changed my password on every system where I had used the old password.
  • Ran malware software on my computer
  • Deleted the email
  • Remain vigilant about scams

A couple of red flags I noted from the email were the urgency and intimidation of the request (πš›πšŽπššπšžπš’πš›πšŽ πš’πš˜πšžπš› πšπšžπš•πš• πšŠπšπšπšŽπš—πšπš’πš˜πš— πšπš˜πš› πšπš‘πšŽ πšžπš™ πšŒπš˜πš–πš’πš—πš πšƒπš πšŽπš—πšπš’-πšπš˜πšžπš› πš‘πš˜πšžπš›πšœ), the demand for money (π™Ώπšžπš›πšŒπš‘πšŠπšœπšŽ $ 𝟸𝟢𝟢𝟢 πš’πš— πš‹πš’πšπšŒπš˜πš’πš— πšŠπš—πš πšœπšŽπš—πš πšπš‘πšŽπš– πš˜πš— πšπš‘πšŽ πš‹πšŽπš•πš˜πš  πšŠπšπšπš›πšŽπšœπšœ), the email from an individual I didn’t know (mpnaneteps@hotmail.com), poorly worded email and incorrect use of capitalization.

The university has been busy processing these scams over the last week. If you are unsure about an email send to abuse and then delete. My mantra continues, when in doubt don’t give it out (your credentials).

ETDR walk-in sessions

The fall semester deadline for submitting ETDRs (electronic theses, dissertations, and reports) to the Graduate School is 5 p.m., Friday, November 15. All ETDRs must be submitted as PDFs through the K-REx repository system.

Walk-in ETDR help sessions are scheduled November 5 – 15:

  • Tuesday, November 5 – 1:30-2:30 p.m.
  • Wednesday, November 6 – 9:30-10:30 a.m.
  • Thursday, November 7 – 9:30 – 11:00 a.m.
  • Monday, November 11 – 2:30-4:30 p.m.
  • Wednesday, November 13 – 2:30-4:30 p.m.
  • Thursday, November 14 – 1:30-3:30 p.m.
  • Friday, November 15 – 3-5 pm

All sessions are in the Media Center (MC) in Seaton Hall, Room 1 (basement level). The MC has Windows and Mac computers, scanners, Microsoft Office Suite, and Acrobat Pro software. MC consultants are available to help withΒ  PDF-conversion issues.

IT Update

August brings a frenetic rush to the finish line – the first day of classes. This month we continue with the Amazon Web Services (AWS) – Migration Readiness Project (MRP), the Constituent Relationship Management (CRM) rollout, wireless controller and firewall upgrades and so much more.Updates

Staff

The CIO and Deputy CIOs will be convening listening sessions with ITS staff on the process of reorganization. Data were provided to staff in advance of the meeting to prepare for the discussion and questions. Staff also were provided a link to an anonymous feedback survey. Continue reading “IT Update”

ETDR walk-in sessions

The summer semester deadline for submitting ETDRs (electronic theses, dissertations, and reports) to the Graduate School isΒ 5 p.m., Friday, August 16.Β  All ETDRs must be submitted as PDFs through the K-REx repository system.

Walk-in ETDR help sessions are scheduled August 5-16:

  • Monday, August 5Β – 5-7 p.m.
  • Tuesday, August 6 – 1-3 p.m.
  • Friday, August 9Β – 3-5 p.m.
  • Wednesday, August 14 – 3-5 p.m.
  • Thursday, August 15Β – 6-8 p.m.
  • Friday, August 16Β – 3-5 p.m.

All sessions are in the Media Center (MC) in Seaton Hall, Room 1 (basement level). The MC has Windows and Mac computers, scanners, Microsoft Office Suite, and Acrobat Pro software. MC consultants are available to help withΒ  PDF-conversion issues.

Information Technology Services addressing the wifi vulnerability

Information Technology Services is addressing the vulnerability, referred to as KRACK (Key Reinstallation Attack). The vulnerability affects WiFi connectivity using the WPA2 encryption method. The hacker could use this vulnerability on an open, unencrypted network to retrieve confidential information including credit card information, social security numbers, bank account information, etc.

The K-State current Aruba infrastructure already has the protection in place for all of the vulnerabilities except for 802.11R, which is not enabled on our controllers at this time.

While protections are in place, K-Staters need to ensure that their devices (smartphones, laptops, etc.) have all the current patches and update as patches become available. This vulnerability also underscores the need for K-Staters to use the authenticated networks on campus including KSU Wireless, KSU Housing and Eduroam. Β When connecting from outside our network, K-Staters need to use the virtual private network (VPN).

The open KSU Guest wireless is unencrypted and should be avoided. The same is true when using open wireless networks at local restaurants, fast food operations, hotels, when shopping etc.

For assistance, contact the IT Help Desk at 785-532-7722.

Border firewall replacement rescheduled for Monday, August 14

K-State Information Technology Services rescheduled the border firewall replacement for 12:01-6 a.m. Monday, August 14. The university’s Polytechnic and Olathe campuses will experience the same outage as the Manhattan campus.

This will disrupt all campus connections to the internet and will impact anyone on the campus network attempting to connect to services off campus as well as anyone off campus trying to connect to services hosted on campus.

If you experience connectivity problems at or after 8 a.m on Monday morning, please contact the IT Help Desk at 785-532-7722 or by email β€” as available β€” at helpdesk@k-state.edu. Updates will be posted periodically as available throughout the maintenance period to the IT Status Page.

Reminder about phishing scams

The Dec. 22 email that appeared to be from President Myers is one more example of the need to be vigilant before responding to an email, clicking a link, or opening an attachment. The email appeared to be legitimate. A point of clarification though is communications from President Myers would more than likely be posted in K-State Today. Also when verifying the “reply to” email address, there was an additional “from” email address not associated with K-State (see the highlighted email below).

screen-shot-2016-12-22-at-11-34-47-am

image-with-highlight

U.S. CERT (U.S. Computer Emergency Readiness Team) reminds us to remain on the alert and when in doubt, delete the email, avoid clicking on a link and do not open suspicious attachments. When in doubt, DELETE.

In response to the latest phishing scam, Information Technology Services and Communications and Marketing have:

  • Blocked the URL for the email on the K-State network
  • Sent the attachment to Trend Micro for analysis. The attachment was deemed malicious and Trend Micro is preventing the attachment from being downloaded.
  • Posted notices about the scam throughout campus.

 

Be aware of increase in university phishing scams

Since Jan. 1, Information Technology Services reported and blocked more than 2,100 phishing scams. However, before the blocks were in place, nearly 1,000 K-Staters shared their eID passwords.

Remember: YouΒ are responsible and the best line of defense to protect your identity, personal information and university resources. K-State will never ask for your eID password over the phone or in an email.

Attention: ITS staff will change the way K-State filters email on Thursday, Oct. 27. Specifically, email coming through k-state.edu or ksu.edu domains will be run through an email filtering process to reduce the amount of spam and phishing scams reaching your inbox. With the number of spam emails and phishing scams coming through to ksu.edu and k-state.edu addresses, we all need to change our practices.

K-State is changing how it filters email. Check your junk folder for legitimate email.

Continue reading “Be aware of increase in university phishing scams”

Phone cable replacement Aug 11-14

Networking & Telecommunications Services needs to replace cable that was
damaged last year when the steam tunnels were flooded. While a fix has
been in place, the work occurring next weekend willΒ permanently repair the cable. Repairs will occur outside of normalΒ working hours and will only affect telephone lines and not dataΒ connections.

Work begins on Thursday, August 11Β at 5 p.m. The first building to be repaired will be Anderson Hall.Β Service work will be completed during the evening and telephones inΒ Anderson Hall will be back inΒ operation by 8 a.m. Friday morning. Phone cable replacementΒ will continue after 5 p.m. on Friday, August 12 and run through the weekend.

All phones should be operational by 8 a.m. Monday morning, August 15. If
users experience any outages after these repairs, please call the repair line at 532-7111. Updates will be postedΒ on the www.ksu.edu/its/status page.

Buildings where phone cable will be repaired include:
AndersonΒ Hall
Marianna Kistler Beach Museum of Art
Calvin Hall
FairchildΒ Hall
Kedzie Hall
McCainΒ Auditorium
Nichols Hall
ThompsonΒ Hall