CaTS BULLETIN
The CaTS Bulletin is your one stop source for news, announcements, security information, and virus alerts related to computing at Wright State University. If you have a question, suggestion, or concern about any of the items listed below, please contact the Help Desk by calling 775-4827 or by sending an email to helpdesk@wright.edu. You can also call the CaTS Hotline at 775-4828 for up-to-date information on the status of the WSU computing network.
Legend: 
= News/Announcements
= Virus Alerts
= Email/Phishing Scams
= Security Information
Upcoming Maintenance | November 6, 2009
Please note that during the regularly scheduled maintenance window on Sunday, November 8 (7:00 - 11:00am), CaTS will be installing updates to our authentication servers. Depending on which server you are connected to, you may experience intermittent outages when trying to authenticate or login to services. All maintenance should be completed by 11:00 a.m. If you have any questions, contact the CaTS Help Desk by calling 937.775.4827, or sending email to helpdesk@wright.edu.
Upcoming Maintenance | August 10, 2009
Please note that during the regularly scheduled maintenance window on Saturday, August 15, there will be no access to MatLab and possible brief outages to the authentication system. All maintenance should be completed by 8:00 a.m. If you have any questions, contact the CaTS Help Desk by calling 937.775.4827, or sending email to helpdesk@wright.edu.
Phishing Scam | July 17, 2009
The Help Desk was recently notified of another phishing scam email that targets students, faculty, and staff of Wright State University. The message asks the reader to verify their webmail account information. Please note that this is a scam and not an official notice from Wright State University. DO NOT reply to the email or follow any of the links, and delete the message immediately. The text of the email is shown below.
Dear wright.edu User,
We have noticed an unauthorized attempt to change your wright.edu password from a foreign IP. This was going to result to your inability to access your account due to the password change. If you know you are the authorized owner of this account, kindly reply by providing your original User ID (*******) and PASSWORD (*******) so as to protect your ID and password from unauthorized access.
Failure to do this will violate the wright.edu email terms & conditions.
Thanks for using wright.edu
The wright.edu Tech Support.
All content (c) Copyright The wright.edu
Again, please do not do follow any link in the email or reply with any of your personal information. If you have questions concerning this, please contact the Help Desk at 775-4827.
Systems Unavailable 6/30 - 7/1 | June 26, 2009
To accommodate the fiscal year end reconciliation, the following systems will be briefly unavailable from 8 p.m. on Tuesday, June 30, 2009 until 2 a.m. on Wednesday, July 1, 2009:
- WINGS Express
- Banner Admin
- TK20
- Parking Services
- Wright1 Deposits
- WrightBuy
- Software & Music Sales
McAfee Updates | June 25, 2009
CaTS would like to inform the university that on Monday, June 29, we will be updating all Windows-based networked computers with the latest versions of McAfee products, including McAfee Agent 4.0, McAfee Anti-virus 8.7, and McAfee Anti-spyware 8.7. When you login to your computer on Monday morning, the software will be updated automatically over the network, and you should not see any additional dialog boxes. For those users on campus using Macintosh computers, this update must be installed manually. A representative from Desktop Services will be contacting individual departments to schedule an installation date for Mac users. If you experience any problems during this update, please contact the Help Desk at 775-4827, or send an email to helpdesk@wright.edu.
Twitter Scareware Attack | June 3, 2009
A scareware scam is spreading through Twitter. A message reading "Best Video" contains a link that, if clicked, leads users to a site that
attempts to download phony security software known as scareware onto their computers. Once a machine is infected, the malware tells users
that certain programs cannot be run because they are infected and offers several different packages at varying prices for software that will
"clean" their computers of the infection.
See http://www.eweek.com/c/a/Security/Twitter-Hit-With-Fake-Security-Software-Scam-663998/
Scammers Target Economic Stimulus Payment Recipients | May 13, 2009
This alert references a Wall Street Journal article talking about how scammers target economic stimulus payment recipients.
According to a report in The Wall Street Journal, scammers are targeting people who are expecting to receive economic stimulus payments from the US Social Security Administration (SSA) this month. Targets of the scam are receiving email messages that send them to a phony SSA website where they are asked to supply their SSNs, bank account numbers and other information to receive their payments. SSA spokesperson Mark Hinkle says recipients do not need to take any action to receive their payments; they will be mailed or deposited into bank accounts automatically. See the following websites:
http://www.scmagazineus.com/Social-Security-Administration-spoofed-in-phishing-scam/article/136549/
http://online.wsj.com/article/SB124191414666904049.html?mod=googlenews_wsj
Phishing Scam | March 17, 2009
The Help Desk was recently notified of another phishing scam email that targets students, faculty, and staff of Wright State University. The message asks the reader to verify their webmail account information. Please note that this is a scam and not an official notice from Wright State University. DO NOT reply to the email or follow any of the links, and delete the message immediately. The text of the email is shown below.
Dear EDU Subscriber,
We would like to inform you that we are currently performing scheduled maintenance and improvement of our email service and as a result of this, have changed our email client and your password will be adjusted. We are Sorry for any inconvenience caused. To keep your EDU account, you must reply to this email immediately and enter your current password here (******). Failure to do this within 48 hours, would immediately render his/ her email account deactivated from our database. Once again your urgent response to this email is appreciated and We apologize for any inconvenience this would cause you during this period.
Thank You !
"EDU SUPPORT TEAM."
© EDU ABN 31 088 377 860 All Rights Reserved.
Again, please do not do follow any link in the email or reply with any of your personal information. If you have questions concerning this, please contact the Help Desk at 775-4827.
Malicious Code Targeting Social Networking Site Users | March 5, 2009
The following is a notice from US-CERT, The United States Computer Emergency Readiness Team, regarding malicious code that targets users of social networking sites:
US-CERT is aware of public reports of malicious code spreading via popular social networking sites including myspace.com, facebook.com, hi5.com, friendster.com, myyearbook.com, bebo.com, and livejournal.com. The reports indicate that the malware, named Koobface, is spreading through invitations from a user's contact that include a link to view a video. If the users click on the link in this invitation, they are prompted to update Adobe Flash Player. This update is not a legitimate Adobe Flash Player update, it is malicious code.
Additionally, some of the reports indicate that there are multiple bogus Facebook applications being used to obtain users' private information.
US-CERT encourages users and administrators to do the following to help mitigate the risks:
* Install antivirus software and keep the virus signature files up to date.
* Do not follow unsolicited links.
* Use caution when downloading and installing applications.
* Obtain software applications and updates directly from the vendor's website.
* Refer to the Staying Safe on Social Networking Sites document for more information on safe use of social networking sites.
* Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.
Relevant Url(s):
http://www.us-cert.gov/cas/tips/ST04-014.html
http://www.us-cert.gov/cas/tips/ST06-003.html
Conficker Worm | January 29, 2009
Many of you may have read or heard of a Windows vulnerability being exploited by a worm referred to as the Conficker (Downadup) worm. Microsoft issued a
patch for this vulnerability in October 2008 and CaTS deployed this update at that time. If your computer is set up properly for automatic updates, your
computer should have this patch installed. To verify this, you can go to Control Panel --> Add Remove Programs. Click the option on the upper right of the
Add Remove Programs control panel to Show Updates. If your computer has been patched, a security update should be listed with the following number:
KB958644. If this update has not been applied, please call the CaTS Help Desk at x4827 for assistance.
This patch will protect your computer from the Conficker worm being spread over the network. However, this worm can also be spread via USB drives. The
patch does not protect against this type of infection. Making sure that your antivirus software is up to date will provide protection from known variants
of this worm, but unknown variants may slip by antivirus software. The best advice we can give is to be careful about plugging your USB drives into public
computers, computers that may not be patched, or computers that have no antivirus software installed.
Phishing Scam | October 24, 2008
The Help Desk was recently notified of another phishing scam email that targets students, faculty, and staff of Wright State University. The message asks the reader to verify their webmail account information. Please note that this is a scam and not an official notice from Wright State University. DO NOT reply to the email or follow any of the links, and delete the message immediately. The text of the email is shown below.
Dear Wright.Edu Email Account Owner,
This message is from Wright.Edu messaging center to all Wright.Edu email account owners. We are currently upgrading our data base and e-mail account center. We are deleting all unused Wright.Edu email account to create more space for new accounts. To prevent your account from closing you will have to update it below so that we will know that it's a present used account.
To complete your Wright.Edu Webmail account, you must reply to this email immediately and enter your Email here(********), Email Password here in words (*********) and your full name and address. You can also confirm your email address by logging into your Wright.Edu Webmail account at https://webmail.wright.edu. Failure to do this will immediately render your email address deactivated from our database.
Warning!!! Account owner that refuses to update his or her account within Seven days of receiving this warning will lose his or her account permanently.
Thank you for using Wright.Edu Webmail Gateway
Warning Code:VX2G99AAJ
Thanks,
Wright.Edu Webmail Team
Again, please do not do follow any link in the email or reply with any of your personal information. If you have questions concerning this, please contact the Help Desk at 775-4827.
If you're looking for a CaTS Bulletin post older than June 1, 2008, click here to access a PDF version of the CaTS Bulletin Archive, dated September 2003 - June 2008. Please note that links referenced in this archive file may no longer be valid due to various reasons.
