Kansas State University

search

IT News

Tag: security tips

Password-stealing e-mail scams are back!

Posted on by Harvard Townsend (harv@ksu.edu)

Not surprisingly, last Friday saw the return of a spear phishing e-mail scam that tries to steal K-Staters’ eID passwords by tricking them into replying to a bogus e-mail pretending to be from the “THE KSU HELP DESK <hlpdsk@ksu.edu>”.  What is surprising is that at least six K-Staters were duped by the scam and replied to the e-mail, thereby giving their eID password to criminals who promptly used the stolen credentials to sign in to K-State’s WebMail system and send large amounts of spam. This resulted in e-mail from K-State being temporarily blocked by Hotmail over the weekend.

Thus, a repeat of past warnings is warranted: K-State IT support staff will NEVER ask for your password in an e-mail! Nor will any reputable company. If you receive an e-mail asking for your password, assume it is a scam and delete it.

A copy of the scam e-mail from Sept. 5, along with dozens of other scams targeting K-State, is available on K-State’s IT security website.  Hints on how to recognize a scam are also available.

Five things you should know about IT security at K-State

Posted on by Harvard Townsend (harv@ksu.edu)

With the return of tens of thousands of students and arrival of thousands of new students, faculty, and staff, everyone needs to be reminded of the importance of protecting K-State’s information and technology resources. Here are five things about IT security that individuals need to be aware of as the semester begins:

  1. Never give your password to anyone in an e-mail message. Numerous different scam e-mails have been sent to K-Staters over the last eight months trying to trick people into replying with their eID password.  K-State IT support staff will never ask for your password in an e-mail, nor will any legitimate business or organization. If you get such an e-mail, just delete it.

    2. Continue reading “Five things you should know about IT security at K-State”

Don’t fall for “Antivirus 2008 XP” rogue software!

Posted on by Harvard Townsend (harv@ksu.edu)

In the last week, four computers in one K-State department were compromised and used to send massive amounts of spam to recipients all over the world. Likewise, I was contacted by a K-State employee who had warning messages pop up repeatedly on her home computer telling her the computer was infected and she needed to purchase special software to fix it. The common denominator in all five cases is rogue anti-spyware software called “Antivirus 2008 XP” (aka “Antivirus XP 2008”) that’s making the rounds on the Internet. Continue reading “Don’t fall for “Antivirus 2008 XP” rogue software!”

State Surplus Property disposes of hard drives at no cost

Posted on by Harvard Townsend (harv@ksu.edu)

In light of security risks posed by improper disposal of electronic media like computer hard drives, the state of Kansas’ State Surplus Property program offers an immensely useful service by physcially destroying computer hard drives at no charge. Since federal guidelines (PDF) and an upcoming state policy require disk drives with confidential data to be “disintegrated, shredded, pulverized, or incinerated” when they are not going to be re-used or they leave the institution, few have the resources to properly destroy the drives. Fortunately, State Surplus Property contracted a company to degauss, shred, and then smelt the drives and is absorbing the cost. Continue reading “State Surplus Property disposes of hard drives at no cost”