Security

NCSAM Week 4 – Finally, Phishing

For the 4th week of NCSAM, we’ll address the highest risk email-based threat that we can receive: phishing. TL;DR: when you get one of these emails, please use Gmail’s “Report phishing” function, just like with scams last week. Phishing usually has a specific focus: to steal the credentials to… Continue reading »

NCSAM Week 3 – Handling email-based scams

Scams are usually emails from unknown senders, often spoof college personas, almost always include a sense of urgency, and are designed to steal from you. Student-facing scams often include offers of part time work (just send $500 for setup fee and equipment), but can take many shapes, including natural… Continue reading »

Let’s Uncan the Spam!

Spam is unsolicited email from legitimate sources, like junk mail and catalogs you may receive in the actual mail. Spam intends to get a message out (like a sale or a new product release) but is not meant to trick you and is low-risk to you and the college. Because… Continue reading »

Get ready for classes and apply your patches!

On the Microsoft side of the house, Windows users should Check for Updates and apply them, restarting your computer when requested. On Tuesday, 8/13, Microsoft released patches for almost 90 security vulnerabilities, including six 0-days under active exploitation. If you are on macOS or a Linux system, please check for available… Continue reading »

Increased phishing risk after Workday go-live

Over the past few days, we have noticed an increase in emails claiming to come from Williams faculty or staff requesting a change in their direct deposit settings. Another common theme is a bad actor pretending to be a vendor we work with, and asking our Finance group to change… Continue reading »

Scam alert – who can you trust?

We have observed an uptick in scams targeting students, faculty and staff. In general, they are predominantly email-based, and often mimic job offers, research opportunities, or the occasional piano for sale. Please remember, only trust emails that come from @williams.edu addresses. We employ solid defensive security measures for our domain,… Continue reading »

Unwanted Browser Notifications

A recent tactic for Phishers and Spammers is to trick users to allow notifications on websites. They will use these notifications to spam you with ads and fake virus messages. The intent is for users to click these messages then install their software or allow someone to remote into your… Continue reading »

Fake Job Scams are back

Fake job scams continue to appear, often from @gmail addresses and claiming to be a faculty member sending them. Please be suspicious of any email sent from an email address you don’t recognize or know. Williams faculty and staff will communicate via their @williams.edu accounts, not from @gmail. When/if you… Continue reading »

Using Okta MFA with the Williams VPN client

To enhance the security of our systems, Okta MFA will be required for VPN access starting November 15.    Active ransomware groups are targeting organizations that do not have MFA for their VPN users*.  If you have not yet signed up for Okta please do so. To use Okta MFA… Continue reading »

Demystifying Social Engineering – Fake Job Scams

Employment scams, or fraudulent job offers, pose significant risks to job seekers and can have devastating consequences. These scams typically involve criminals posing as legitimate employers, often using convincing job postings, emails, or even phone calls to lure unsuspecting individuals. More Information… Continue reading »

Goodbye Sophos, hello CrowdStrike

OIT is in the process of transitioning away from Sophos and to CrowdStrike. This has been underway for a few months, but what’s changing is the pace of our remaining deployment. Having successfully tested CrowdStrike throughout the college, next week we will begin to push it out to all college-owned… Continue reading »

Urgent need to update your devices

As if we don’t have enough excitement with the beginning of a new year, please take a few minutes before the semester gets into full swing and update your devices. This is good advice for any device, which can benefit from software updates and regular power-off/power-on cycles, but there are… Continue reading »

  • 1
  • 2