July News from Information Security

First, I’d like to make it crystal clear…crystal…clear…there are NO FREE PIANOS!

Welcome to the July newsletter and welcome to July. This newsletter comes at a time that I hope is better than last week, as I suspect that half of you were on vacation, and the other half were wishing you were, so I assumed no one would read it then. You definitely should continue reading now, as there are a number of topics I need to get in front of everyone. I have an update on how to report phishing (and spam) emails that will be a slight change from the “Phish Alert Report” button we are all used to now. Another future change and an extended reminder about mixing business and personal information will round out this middle-of-the-year newsletter. I have decided to kick the resolution of my explanation of passkeys to next month’s newsletter

Yes, there are no free pianos…

We’ve seen a frantic increase in the number of attempts to offer a (nonexistent) free piano. I’ve explained this scam before, but just as a review, once you contact the phisher, they claim that it is “first come, first serve” and that you have to pay “the mover” to deliver it to you, up front, with questionable methods, usually via a cash transfer app like Venmo. Once they have your money, you don’t hear from them again, striking a sour note on your plans for a beautiful and classy addition to your home. There are no free pianos, similar to how there are no free puppies…except that, at least with free puppies, you do get something. It might not have been what you wanted.

The other phishing emails we never run short of are the “password expiration” warnings that arrive and promise terrible consequences because your password is EXPIRING!!! TODAY!!! Then you see the happy “Keep Same Password” button and for a split second believe that your troubles are all fixed by clicking on it. This is a friendly reminder that we will (lovingly) NEVER allow you to continue using your password if it is expired. Please report those emails that scream “your password is expiring”, but then say “Keep same password”. They’re not real. We will start notifying you fourteen days from the expiration date of your password. That should give you plenty of time to start working out a new password (if you’re still one of those people who do that and don’t use a password manager to do it for you).

We’ve worked hard over the past few years to get everyone to report those phishing and spam emails to us using the Phish Alert Report button. Now that we have a good number of you doing that, we’re going to switch things up a little. The Phish Alert Report button is the product of a company called KnowBe4, who also create information security awareness training materials and other products. We’ve used a number of their products in the past, but are now moving away from them. Once we complete that process, we will no longer use the Phish Alert Report button. We’ll use the Microsoft provided “Report Message” button that will appear in your toolbar in Outlook. It looks like this…

The button circled in red on the left is where you would normally report junk/spam emails, or flag an email as “Not Junk”. To be clear, if you want to immediately block a sender from sending to you, you would still have to do that from this button, as the new button will not have this option. The button circled in blue is the “Phish Alert Report” button where you currently report phishing emails. The button highlighted in yellow is the coming “Report Message” button where you can mark an email as junk/spam, or as phishing, or mark it as “Not Junk”. Be on the lookout for your new button to show up in Outlook. If you are not using Outlook or the Outlook Web Client or the mobile app as your email client for your Berry account, you should be. The two buttons may coexist for a while in the toolbar, but eventually the “Phish Alert Report” button will go away.

With new resources to manage and secure our Microsoft accounts, the Office of Information Technology (OIT) is taking a more aggressive stance on potentially compromised accounts. If we receive a notification from Microsoft that a multi-factor authentication (MFA) fraud alert was generated on an account, we will reset the password on the account and lock it until the user comes and reclaims it. If an MFA fraud notification is received on an account, that means someone has the password and has won half the battle in taking over the account. OIT will act accordingly and change that password to protect the account. If you have any questions about this policy, please let me know. I’ll be glad to answer them.

Finally, I want to mention that, again, due to the new resources we have to manage and secure our Microsoft accounts, we want to encourage you to not conduct personal business with your Berry email address. Please keep your utilities, credit cards, bank account, insurance, and other sensitive business in your personal email address. This for your protection, as ALL records maintained in Berry email accounts could be subject to a legally mandated search, for instance, in the case of litigation the college might be involved in. If you are comfortable with this possibility, you probably shouldn’t be. Another issue that could arise that might cause issues for you would be if your account were to be locked by someone attempting to compromise it. You might not have access to important information stored there or you might be unable to communicate during a time sensitive exchange of emails. OIT will prioritize the security of the account over the ability to conduct personal business using that account. It is time for everyone to establish a personal email account and conduct their non-Berry activities there. This is not to say that you absolutely can’t use your Berry email for some personal activity. Some companies give discounts for customers with .edu email accounts and it is perfectly acceptable to use your account for that purpose. For more sensitive activity, please use a personal account.

ONE MORE THING!

If you supervise student workers, please be on the lookout for an email from OIT asking you some basic questions about how your student workers do their jobs. Because of our new resources to manage and secure our systems and data, we are making adjustments to our network that could impact your office work flow, so please, when you see the email, take five minutes to read and respond. Thanks!

That’s it for July. I hope everyone’s summer is progressing well and you are able to get important work done as we move forward toward August.

All Berry students, faculty and staff have MFA enabled on their Berry account, and you should use it in the most secure way via the Microsoft Authenticator app on your smart phone. But don’t stop there! Use the Microsoft Authenticator as your second factor on any site that supports Google Authenticator. Turn MFA/2FA on everywhere you can. Yes, it will take you another few seconds to log in, but your data and account will be safer.

Please continue to report those phishing emails! Once the fall semester starts, we will begin holding a drawing at the end of every month for a small prize and all you need to do to enter the drawing is to report a phishing email.

If I’m not covering a topic of cybersecurity you are interested in or concerned about, please let me know. I want to be your first and best resource on cybersecurity information, so let me know how I can help and inform you.

If you’re not following Berry OIT on Facebook (@BerryCollegeOIT), Twitter (@berryoit), or Instagram (@berrycollegeoit), you should be, as more information from OIT and specifically Information Security, will be provided using these outlets. If you are not into social media, you can also subscribe to get updates via email. Just use the link available in the right-hand sidebar on the website.

Check out https://support.berry.edu for more information about OIT and the services we provide. You can always check back here for warnings about current phishing emails, confirmations of valid emails you might have a question about, and data breach notifications. There’s also the events calendar where events will be posted, like Cybersecurity Awareness Month.

Food For Thought

I offer a potentially controversial piece of food for thought. The movie “Sound of Freedom” is playing in limited theaters this week (Rome is currently not on the schedule, but Cartersville is). Based on a true story, this gripping film attempts to expose one of the darkest stains on the human race – child slavery. Ignore the nonsense about this movie being “Q-Anon adjacent”. This is real, this is happening, and it will take a world-wide movement to limit the horrendous effects of child trafficking. Here’s the trailer and a message from Jim Caviezel about the goal of the filmmakers.

Featured Image: Photo by Grégoire Bertaud on Unsplash

(Visited 217 times, 1 visits today)