Campus Phishing Alert 3/20/2018

Many received an email sent March 20, 2018 claiming to be from Dr. Hoyt about a Business Integrity Program The email had a subject of FW:[ATTENTION REQUIRED] Sam Houston State University Revised Business Development, Implementation, and Review of Guidelines and Goals” and looked like the example below.

screenshot of phishing emailThe message contained a PDF that when opened requested your SHSU login credentials. IT Security has blocked any further emails from being delivered and blocked the site that is storing entered login credentials.  They have also contacted the appropriate parties to disable and remove the malicious site.

If you received this message and still have the email in your inbox with the subject of FW:[ATTENTION REQUIRED] Sam Houston State University Revised Business Development, Implementation, and Review of Guidelines and Goals, please delete the email. No further action is required.

If you have already opened the PDF and entered your username and password, please:

  • change your password as soon as possible at https://samweb.shsu.edu, by clicking on the IT@Sam menu, then on Account Password Change; and
  • contact the Service Desk (this will help us determine the magnitude of the Phishing incident).

Please contact the Service Desk at (936) 294-1950 or servicedesk@shsu.edu should you have any questions, concerns, or trouble resetting your password.

 

March 16th- Power Outage

Please see the below message from Facilities Management about an upcoming campus power outage and plan accordingly. Access to computing resources (such as Banner, the website, and remote servers) from off-campus will not be affected during this power outage.


Banner with the text Sam Houston State University and Facilities Management

From the Office of the Associate Vice President for Facilities Management:

Electrical Shutdown- Friday, March 16 from 6:00 a.m.-8:00 p.m.

An Electrical shutdown affecting the majority of the Main Campus is planned for Friday, March 16 (“Energy Conservation Day”) from 6:00 am until 8:00 pm, 14 hours. This shutdown is necessary to provide power for the new Lowman Student Center Addition.

The following buildings will not have electricity or air conditioning:

• Academic Building I
• Academic Building III
• Academic Building IV
• Alpha Chi Omega House
• Alpha Delta Pi House
• Anne Shaver House
• Austin Hall
• Baldwin House
• Belvin-Buchanan Hall
• Bobby K. Marks Admin.
• Chemistry & Forensic Science
• CHSS Building
• Crawford House
• Creager House
• Dan Rather Communications
• Estill Building
• Evans Complex
• Farrington Building
• Garrett TEC
• Gibbs House
• Houston House
• Jackson-Shaver Hall
• Lee Drain Annex
• Lee Drain Building
• Mallon House
• Lowman Student Center
• Margaret Lea Houston
• Museum Complex
• Music Building
• Newton Gresham Library
• Peabody Memorial Library
• Pritchett Field
• Rachel Jackson House
• Raven Village
• Recreational Sports
• Sam Houston Parking Garage
• Sam Houston Village
• Sigma Sigma Sigma House
• Smith Hutson
• South Paw
• Thomason Building
• University Theatre Center
• West Central Plant
• White Hall
• Visitor & Alumni Center
• Walker Education Center
• Zeta Tau Alpha House

The following buildings will not have air conditioning:

• Elliott Hall
• Fred Pirkle Engineering Technology Center
• Old Main Market
• Powell Student Health & Counseling Center

For questions regarding this outage please contact Chuck Jones, Facilities, Planning & Construction, 936-294-3677.

Dates are subject to change due to unforeseen and uncontrolled circumstances. Please check the Facilities Management Website to stay up to date on all projects, closures, and campus interruptions.

Identifying Phone Scams

Traffic Sign with the words Scam Alert

Have you recently received a phone call from someone telling you that there is something wrong with your computer and they need to fix it? If so, this was most likely a phone scam.

Identifying a scam can be tricky and with caller ID spoofing, this tricky task can become downright difficult.

There are four common types of phone scams:

IRS Scam

We are close to tax season, so be on high alert for this scam. This involves the caller threatening legal action and/or arrest if a fine is not paid. If you take the bait, they then “verify” your personal information by asking for sensitive information such as your social security number, credit card number, or bank account information.

Jury Duty Scam

This scam involves the caller claiming that they are a member of law enforcement and they are warning you of a warrant for your arrest due to not reporting for jury duty. Again, if you take the bait the call caller asks for you to verify your identity by providing sensitive information such as your social security number.

Tech Support Scam

A person calls you claiming to be from Apple, Microsoft, or even IT@Sam and tells you that your computer is experiencing problems that needs correction. If you take the bait, they will direct you to a website to install a program that will give them access to your computer. Once they have access they can install malware and/or obtain sensitive data from your computer.

Government Grant Scam

With this scam, you will receive a call offering you free money for various reasons. The catch is that you will have to pay a “processing fee” to receive the money. Once the person has your bank or credit card information, they take more than the “processing fee.”

General Tips

  • Never allow an unknown person access to your computer regardless of how convincing the caller may be.
  • Never give out personal information such as account numbers, social security numbers, mother’s maiden names, passwords or other identifying information in response to unexpected calls or if you are at all suspicious.
  • If you get an inquiry from someone who says they represent a company or a government agency seeking personal information, hang up and call the phone number on your account statement, in the phone book or on the company’s or government agency’s website to verify the authenticity of the request.
  • File a complaint with the Federal Trade Commission if you feel you have been the victim of a scam. If the scam involved access to Sam Houston State University equipment, contact the Service Desk as well.

As always, if you are unsure about the authenticity of a call, please contact the Service Desk at ServiceDesk@shsu.edu or x4-1950.

Data Privacy Day: Wi-Fi Networks

data privacy day logoThis year one of the focus points of Data Privacy Day is ‘Safeguarding Data.’ To help you safeguard your data, we encourage you to use the SamNet Wi-Fi network and other secure Wi-Fi networks rather than SamNet Guest and unsecured Wi-Fi networks.

When using unsecured Wi-Fi networks, you run the risk of having your data intercepted by malicious people that are able to place themselves between you and the hotspot. These bad actors can easily see emails, passwords, and instant messages. (Read an eavesdropper’s account of what he was able to see and do in a June 2013 article in PCWorld.)

In addition, using a secure protocol (such as HTTPS when browsing the web) helps to reduce your risk. However, this does not protect you fully on unsecured networks. Use of sophisticated hacking tools on unsecure Wi-Fi networks can attack some of these protocols and intercept personal data.

Bottom line: It is always best to use a secure Wi-Fi network if one is available to you.

Network Maintenance – 1/12/2018

Critical maintenance is scheduled for the campus network beginning Friday, January 12, at 11:30 pm and concluding at 3:00 am on Saturday, January 13.  During this maintenance, a complete network and Internet outage to campus resources will occur from 11:30 pm until midnight. Intermittent outages could occur for the remaining maintenance window. Please be mindful of this change and plan your work around this maintenance window.