IT services status

Find out the current status of IT services at the University of Bath

Topic: Security

Phishing Email titled: IT HELP DESK

  

📥  Phishing, Scams, Security

We are getting reports of a phishing email being sent to students and staff.

This is fake. Please ignore and delete this email. Please do not click any links or send any personal information.

If you are concerned about an email you are sent, you can forward it to: phishing@bath.ac.uk and the team will advise.

Example of the email:

subject: IT HELP DESK

Due to recent upgrades on our servers.  Your 5 (Five) incoming Emails are on hold. Please validate below to retrieve your email

Click here to retrieve and update your email account.

We are sorry for the inconvenience.

IT HELP DESK

 

GlobalProtect VPN upgrade

  

📥  Security

Staff and students will be prompted to upgrade the next time they start a GlobalProtect VPN session.  Please accept this prompt to GlobalProtect 3.03.

Please note, the upgrade to version 3.1 is imminent.

Use go.bath.ac.uk/it-status to find out the current status of IT services at the University of Bath

 

Fake email about Webmail

  , ,

📥  Phishing, Scams, Security

We have been alerted to an email that has been sent to some users within the University entitled "Account Lock Notice" which states that your webmail account has been locked due to too many login attempts. The links in this email take you to a site that asks for your login details.

This email has not come from us so please don't click on any of these links. If you are concerned about an email you have received you can always email phishing@bath.ac.uk and the security team will verify this for you. We have reported the fake site to Google Safe Browsing.

Read our advice on dealing with phishing emails.

 

Password Change Request

  , , ,

📥  Phishing, Security

Recently a number of members of the University community received a phishing email which requested personal details as well as their University user name and password, leaving those who responded exposed to identity theft. As a precautionary measure Computing Services have contacted those affected and requested the password on their University computer account is changed.

Please check your University / Personal email and if you have received this email please follow the guidance within to change your password.

Accounts which have not had their passwords changed by 31st May 2016 will automatically have their passwords scrambled.

If you have any queries or experience difficulty changing your password please visit the Computing Services Service Desk on Level 2 of the library.

Please note when you change your password you will need to update any devices you have set to autmatically download email or connect to Eduroam.

Top Tips for Internet Security

  1. The University will not ask you for your bank account details in an email.
  2. Don’t click through from links contained in an email, ensure you copy and paste the link into your web browser
  3. The University will only ask you to enter your user name, password and personal information into secure web pages hosted on the .bath.ac.uk domain
  4. Does the From: addresses match the organisation represented, e.g. appear to be from another university but claim to be the University of Bath
  5. When you hover over a link does it match the displayed organisation

Further information and guidance can be found on our malicious emails web page.

 

Please be aware of further phishing attacks

  ,

📥  Phishing, Security

Following on from the 'grant offer' phishing attack we reported earlier this week, we have received reports of another attempt this time targeting the old webmail sign on page and verifying credentials. Please be aware that all staff and students should now have migrated to Exchange and so please do not enter your password or click any links.

 Below is an example of the phishing email:

Subject: Beware EMail security Alert!

Dear User,

There has been an automatic security update on our Bath University Administrative Server system, Please use the direct link below to validate your WebMail account.

CLICK HERE: [LINK to phishing page]

 

Copyright © 2016 University of Bath. All rights reserved IT Support &  Web Desk Computing Services (this is a fake phishing link).

 

What if I have submitted the form?
You must reset your password immediately if you are unsure of how to do this or you are unable to access the tool please visit the IT Service Desk on Level 2 of the Library for assistance.

You can also read the University of Bath phishing information, which gives further advice. You can also forward phishing or emails you suspect are phishing  emails to: abuse@bath.ac.uk

 

 

Badlock Samba vulnerability

  , , ,

📥  Security

On April 12 2016, an important range security vulnerabilities were disclosed in Windows Server Message Block (SMB) and the Open Source implementation Samba.  The group of vulnerabilities were named Badlock and it received  attention prior to the announcement and afterwards

 

Whilst it was anticipated to be a critical vulnerability the issue is less disruptive as first thought though still important to address quickly.   Computing Services will roll out the patches to servers and desktops quickly in line with a normal but accelerated procedure and they should have no adverse effect on your working day. Patch testing has started already and we will try and limit any service interruptions to our risk Tuesday maintenance period (7am-9am).

 

 

Students - beware of 'Grant' phishing emails

  , , ,

📥  Phishing, Scams, Security

Students have recently received phishing emails purporting to be from the University Finance Office. You should not click on the link within these emails.

Some of our students have reported they have received false emails pretending to be from the University Finance Office, advising them they are entitled to receive a financial grant. We have also had reports that some students who entered bank details and personal information have had money taken from their bank accounts.

  • If you have provided any financial (bank details or credit card details for example) or personal information in response to this email please contact your bank or card provider immediately to advise them that you have been the victim of a fraudulent email scam to obtain your financial details. They can take steps to protect you and your financial information. Do not wait to contact us before doing this.

Please  change the password on any accounts that you have signed up for using the email address that this phishing email was sent to.

These emails are fake and can be spotted as they have not been sent from a University of Bath email address.

The emails contain the following message:

Dear University Member,

Following the meeting by the university with the Government with regards to support for student  and staff research purposes, we are pleased to let you know that Study-Support fund has been awarded to the university by the government.

You qualify to receive the support/grant. To ensure that you receive your grant promptly, you are required to submit your details via the web link below.

Grant Information link

Please click on the link above or copy and paste it into your browser to submit your details.

You will be contacted via your registered address with the university on grant has been successfully processed.

Regards,

Finance Department

University of Bath

You should not click on the link inside the message as this leads to an insecure website asking you to supply personal and banking information which could be used to carry out identity and financial theft.

What if I have submitted the form?

You must reset your password immediately if you are unsure of how to do this or you are unable to access the tool please visit the IT Service Desk on Level 2 of the Library for assistance.

You can also read the University of Bath phishing information, which gives further advice.

 

New OS X Ransomware affecting Transmission (BitTorrent client)

  ,

📥  Scams, Security

It has recently come to light that users who downloaded version 2.90 of the Transmission BitTorrent client for OS X from official website after 3.00 GMT, March 4, 2016 and before 1100 GMT, March 5, 2016, may be been infected by the "KeRanger" ransomware.

If you are running Transmission on your Mac (and yes, there are legitimate uses for torrents) then please ensure that you update to 2.92 immediately as this version is free of malware and additionally, it removes the malware caused by the previous build (2.90).

This demonstrates that although malware is less common on Macs when compared to their Windows counterparts, they are certainly not invulnerable to malicious applications and care still needs to be taken to avoid being affected by malware. Such steps can include:

  • Ensuring that OS X is kept up-to-date
  • Installing anti-virus on your Mac
  • Being careful to only download applications from trusted sources.

 

If you have any questions or concerns then please get in touch with the IT help team.