DNS Recent Threats and Notifications

_________________________________________________________________________________________________________________________________________________________________________________________________________

09/11/2015 – Cyber Alert

At 10:15 a.m. on September 10, 2015, Polk State College Information Technology staff members became aware of malware on the Academics page of the www.polk.edu website.  The internal firewall automatically blocked access to the affected page from all campus workstations, preventing internal infections.  Polk State College does its best to protect our customers and we immediately contact our outside service provider to investigate and resolve the issue.  The source of the problem was identified and addressed by our service provider by 10:51 a.m.

All webpages associated with www.polk.edu were functional shortly thereafter.

No personal information was compromised and not every visit to the affected page resulted in a malware infection.  However, if you visited our website from an off-campus or personal computer during that time period, we recommend that you do a full virus scan on your machine.  In addition, we recommend that you keep your system up to date with all of the latest patches and software updates.

We are working with our web service provider to ensure that the proper security procedures are in place in order to prevent this type of incident in the future.  Additional updates about this incident will be posted on the College’s Information Technology and Services DNS Recent Threats and Notifications page. For more information, please contact the Office of Communications & Public Affairs at 863.292.3744

If you want to know how to update your computer, please click here

_________________________________________________________________________________________________________________________________________________________________________________________________________

07/29/2015 – Cyber Alert

We have been notified by several members and experienced first hand a scam email alert being perpetrated on businesses in our area.

It is targeted towards staff accountants asking them to send money via a wire transfer.

The scammers are finding the ‘about us’ or ‘staff’ pages on a company’s website and identifying both the CEO and the accountant/finance staff/office manager. They then send a very convincing email from the CEO to the accountant requesting them to wire money to an account.  The from address is accurate (which can be faked easily), but the email has a seldom used ‘reply-to” address feature that is different from the CEO’s email address.  Most people that receive these emails will think it is legitimate because the “from” address is correct.

If they reply to the message with questions or for confirmation, the email will go to the scammers email account instead of the CEO’s, because the reply-to address was specified in the original email.   The scammer will reply using a well crafted message, and reiterating how critical the wire is.

The wire requests are for amounts varying from $17,000 to over $400,000!

The FBI is aware of the scam. We wanted to ensure that our members were on the look out and informed their staff.

_________________________________________________________________________________________________________________________________________________________________________________________________________

07/23/2015 – Cyber Alert

At 8:10 AM on July 23, 2015, Polk State College became aware of malware on our website, www.polk.edu . Polk State College does its best to protect our customers and we immediately contacted our outside service provider and blocked access to the site from all campus workstations. The source of the problem was identified and addressed by our service provider by 2:00 PM. The site was active again by 2:35 PM.

No personal information was compromised and not every visit to the site resulted in a malware infection, however, if you visited our website from an off-campus or personal computer during that time period, we recommend that you do a full virus scan on your machine.  In addition, we recommend that you keep your system up to date with all of the latest patches and software updates.

We are working with our web service provider to ensure that the proper security procedures are in place in order to prevent this type of incident in the future.  Additional updates about this incident will be posted on the College’s Information Technology and Services DNS Threats and Notifications page. For more information, please contact the Office of Communications & Public Affairs. 863.292.3744.

If you want to know how to update your computer, please click here

 

_________________________________________________________________________________________________________________________________________________________________________________________________________

02/28/2015 – Cyber Alert

ALERT: wire transfer phishing targeting university presidents and VPs.

REN-ISAC is receiving reports from its members concerning a resurgence of phishing attacks aimed to cause fraudulent wire transfers of funds. In most of the reports, the message appeared to come from the university president, by name, to a vice president, by name, asking for “help [to] process an outgoing wire transfer.” One report involved the combination of CEO and CFO. Attacks are occurring today and extend back at least two weeks (one outlier as far back as November). We recommend you share this awareness alert among executive and security staff, and particularly with persons who have authority to conduct wire transfers.

This attack, in some ways, parallels phishing attacks against institutional online banking conducted in 2010-2011. At that time, we published technical and CIO/business officer Alerts [1][2] about the attacks. Those alerts are still relevant and may prove helpful in defense against the current attacks.

For more information, see the links below:

[1] http://www.ren-isac.net/alerts/banking-attacks_cio-bo_201001.html

[2] http://www.ren-isac.net/alerts/banking-attacks_technical_201001.html

_________________________________________________________________________________________________________________________________________________________________________________________________________

01/15/2015 – Cyber Alert

National Cyber Awareness System:

IC3 Issues Alert on University Employee Payroll Scam

Original release date: January 15, 2015

The Internet Crime Complaint Center (IC3) has issued an alert addressing a spear phishing scam targeting university employees and their payroll accounts. Scam operators use fraudulent e-mails and websites to entice employees to reveal login credentials.

Users are encouraged to review the IC3 Alert for details and refer to Security Tip ST04-014 for information on social engineering and phishing attacks.

________________________________________________________________________________________________________________________________________________________________________________________________________

10/23/14 – POODLE Alert

The recently acknowledged vulnerability of the secure communications tool SSL version 3.0, called POODLE, leaves services using SSL version 3.0 vulnerable to having encrypted communications converted to easily-intercepted plain text. The Desktop and Networking Team are working to disable SSL version 3.0 on systems across the College in order to mitigate the vulnerability.

Software updates and security patches are being applied, which is the best way to proactively protect our systems. Vendors are working to release updated software as soon as possible.

If you have questions or need assistance, please contact the Help Desk at 863.292.3652 or 5111.