Equifax Data Breach

/in /by

Equifax Inc. logo. (PRNewsFoto/Equifax Inc.)

On Thursday, September 8, 2017, Equifax announced a cybersecurity incident which could have lead to the release of information of up to 143 million individuals. Personal information has been compromised in this case including name, social security numbers, birth dates, and other personal information.

Here are some steps you can take:

  • Watch your financial accounts (including credit cards) closely. Often, small charges will be used to confirm that your account is still open and active. If you see any suspicious activity, you need to contact your financial institution as quickly as possible to rectify the situation.
  • Check your credit report for any unusual activity and contact the reporting agencies to fix it.
  • Work with your financial institutions to fraud monitoring or credit freezes. You can also look into a credit monitoring service for continual monitoring.
  • You can check whether you were affected by the data breach go to https://www.equifaxsecurity2017.com/enroll/ and scroll down on the page to “Begin Enrollment” button.
  • The Federal Trade Commission has a helpful website with resources for identity theft. Visit https://www.identitytheft.gov/Info-Lost-or-Stolen for more information.

Google Docs Phishing Fix-it

/in /by

Here are some things you should look at doing if you gave permission to the fake “Google Docs” application after clicking a link in one of the phishing emails.

If you cannot view the video, you can follow these instructions to remove the app from your account permissions:

If you’ve already followed one of these links and signed in with your Google credentials, please change your password and also make sure you remove the fake “Google Docs” app from your account. Click here (https://myaccount.google.com/security?pli=1#connectedapps), select “Manage Apps,” click on any entries called “Google Docs” (the actual Google Docs won’t require access in this way), and click the Remove button.

If you have any other questions, please let Network Services know.

Update: Here is some more information on the attack. It appears that Google is now working to mitigate the attack itself with warnings and suspensions of the applications.

Recent Spate of Compromised Google Accounts

/0 Comments/in /by

Google LogoRecently, Network Services has been notified of a number of MLC Google Accounts being compromised, most often by the account information being found on publicly-available credential lists from past compromised sites. In most cases this has not meant that Google or MLC has been compromised, but that one of two things has happened:

  • A person has freely given over their account credentials after being scammed via a phishing email.
  • Another website has been compromised and the credentials gained from there were the same as what is used for an MLC Google Account.

In both cases, the same thing occurs:

  1. Google suspends the affected MLC Google Account.
  2. MLC Network Services is notified of the possible compromised.
  3. MLC Network Services staff change the password on the account and then restore the account.
  4. If a person has a personal email address listed on Portal, they are sent a password reset email and a message warning that the change has been done.

If the person does not have a personal email addresses listed on Portal, they are not notified and will not be able to log into their account until they contact Network Services and requests a password reset after verifying their identity in some way.

If your account was compromised and you have access again, then you need to do two more things:

  • Check for filters and forwarding rules so that email is not being forwarded to suspect addresses.
  • Check to make sure their signature has not been changed.
  • Check under Accounts for settings changed for how you are sending email. You will want to check what your reply-to address is set as too.

The recently compromised accounts have had a problem where incoming emails are automatically sent to Trash. Removing that filter above will fix that issue specifically.

Google has also provided a page with information on how to keep your MLC Google Account more secure. You can take a look at that page and follow any steps on it to secure your MLC Google Account beyond just a simple username and password.

Prepare for Scammer Tactics

/in /by

Fishing?Between phishing emails and phone scammers, the landscape around attacks on computing devices has gotten both more and less sophisticated. Many times, even protective services you run on your computing device are not going to help to deter these attacks nor to find and warn you before you have given up sensitive information (normally username and password) or money.

Fahmida Rashid of PCWorld recently published an extensive article where she has been playing prey for phone scammers in order to learn how they operate and what things to be looking out for.

Pleas read What I learned playing prey to Windows scammers and take to heart any tidbits which might help thwart these attacks in the future!

Social Engineering Red Flags

/in /by

You might start by asking “what is social engineering?”

Social Engineering is the art of manipulating, influencing, or deceiving you in order to gain control over your computer system. The hacker might use the phone, email, snail mail or direct contact to gain illegal access. Phishing, spear-phishing, and CEO Fraud are forms of social engineering.

That is from KnowBe4. There has been a recent uptick in social engineering attacks across campus, usually spreading through your MLC Google Account (Gmail).

You can download a nice Social Engineering Red Flags PDF to read, print, and share to give yourself some nice warning signs to look out for online (including email).

As always, if you ever have any questions about the legitimacy of any email or websites, please contact MLC Network Services before opening the email or viewing/downloading any attachments.