Yes, it is almost the end of May…June will be here before some of you read this, but it was important to go ahead and send out a much delayed May newsletter. This will be a somewhat short, but to the point newsletter. It was important to send this out for three reasons. The first is to remind everyone how to tell real voicemails from all of the fake ones we receive on a daily basis. The second reason is to remind everyone to update their computers and phones. Finally, there is exciting news regarding the services the Office of Information Technology provides, along with new ways to be up to date.
Fake voicemails are a favorite tool of attackers. These emails come in and look very important, with bold fonts and specific dates and times, but with noticeable tell-tale red flags. These include garbled subject lines and poor spelling, but also incorrect attachments and suspicious senders. Our voicemails will always have a .wav file attached to them. Any file that purports to be a voicemail, but does not have a .wav file attached is a phishing attempt. Also, you should not receive a voicemail notification from yourself. Phishers like to spoof the sender to be you, so you will be more likely to trust it. For a detailed description of what a valid voicemail notification looks like, check out the Quick Info page about voicemails, right here on this site.
Microsoft Patch Tuesday happened back on May 9th, and if you have not rebooted your computer to allow these updates to run, you should take the time to do so soon. Also, if you use an Apple iPhone, iOS version 16.5 is now available and you should take the time to upgrade your phone. Turning on automatic updates will help you stay current, as the phone should update when plugged in, connected to WiFi, and inactive. You can turn on automatic updated by going to Settings, General, Software Update, Automatic Updates and turning on the three items there (Download iOS Updates, Install iOS updates, and Security Responses and System Files).
For those of you who haven’t noticed, the Office of Information Technology has a new help desk software system. By going to https://support.berry.edu, and clicking on Client Portal, you can see what is going on with any support tickets you may have placed, but you can also see helpful articles and information, any known issues and outages, upcoming maintenance, and my favorite – information security news, alerts, and more. I will update this regularly, so check there for the most important information regarding information security. We hope this new help desk system will improve our ability to service your requests, and provide you with current information.
One more BONUS bit of information. Before classes start back in August (sorry, it had to be mentioned) we plan to remove the “Phish Alert Report” button from Outlook. You will still be able to report phishing and spam emails, you will just use the built-in Outlook reporting options. More information on that is coming in the July newsletter. Be looking for it!
That’s all…short and to the point.
All Berry students, faculty and staff have MFA enabled on their Berry account, and you should use it in the most secure way via the Microsoft Authenticator app on your smart phone. But don’t stop there! Use the Microsoft Authenticator as your second factor on any site that supports Google Authenticator. Turn MFA/2FA on everywhere you can. Yes, it will take you another few seconds to log in, but your data and account will be safer.
Please continue to report those phishing emails! We are holding a drawing at the end of every month for a small prize and all you need to do to enter the drawing is to report a phishing email.
If I’m not covering a topic of cybersecurity you are interested in or concerned about, please let me know. I want to be your first and best resource on cybersecurity information, so let me know how I can help and inform you.
If you’re not following Berry OIT on Facebook (@BerryCollegeOIT), Twitter (@berryoit), or Instagram (@berrycollegeoit), you should be, as more information from OIT and specifically Information Security, will be provided using these outlets. If you are not into social media, you can also subscribe to get updates via email. Just use the link available in the right-hand sidebar on the website.
Check out https://support.berry.edu for more information about OIT and the services we provide. You can always check back here for warnings about current phishing emails, confirmations of valid emails you might have a question about, and data breach notifications. There’s also the events calendar where events will be posted, like Cybersecurity Awareness Month.
Sorry, no food for thought this time!
Featured Image: Photo by Christopher Luther on Unsplash