IT Security Awareness News

Home IT Security Awareness IT Security Awareness News

• Latest email scam alert: November 9, 2009
• Annual computer security reminder to campus from VC IT Mary Doyle - October 2009
• October is National Cyber Secuity Awareness Month
• Computer Security Awareness Poster & Video Contest Winners Announced
• Phishing Quiz
• June was National Internet Safety Month!
• Security policies announced to campus May 2009
• Hallmark virus email scam - January 2009
• Archives: 2008, 2007, 2006

Go to Email Scam Alerts web page
Go to Security Awareness home page

Email Scam Alert - November 9, 2009

Please be advised of an email scam that appears to be from " UC Santa Cruz <ucsc@mail2webmaster.com> " with the subject, "Case ID". This is a phishing scam attempting to trick you into revealing your email password. PLEASE DELETE THIS EMAIL. DO NOT REPLY!

** You should never disclose your password to anyone, even if they say they work for UCSC, ITS, or other campus or UC organizations. **

Please contact the ITS Support Center if you have any questions. The email scam reads as follows:

Date:       Mon, 09 Nov 2009 07:16:19 -0800
From:      UC Santa Cruz <ucsc@mail2webmaster.com>
To:          undisclosed-recipients
Subject:   Case ID    

Dear ucsc.edu Account User,  

We have noticed an unauthorized attempt to change your University of California Account password from a foreign IP. This was going to result to your inability to access your account due to the password change.

We are about to terminate your account but If you know you are the authorized owner of this account, kindly reply by providing your original  

Unity ID (*******)
Password (*******)

so as to protect your ID and password from unauthorized access.

Failure to do this will violate The University of California's email terms & conditions.  

From The University of California Admin and Web Support

© 2009 The Regents of The University of California. All rights reserved.http://www.ucsc.edu  

"Warning:
The information contained in this email and any attached files is confidential to The University of California. If you are not the intended recipient, any use, disclosure or copying of this email or any attachments is expressly prohibited.  If you have received this email in error, please notify us immediately. VIRUS: Every care has been taken to ensure this email and its attachments are virus free, however, any loss or damage incurred in using this email is not the sender's responsibility.  It is your responsibility to ensure virus checks are completed before installing any data sent in this email to your computer."

(back to menu)

Annual computer security reminder to campus from VC IT Mary Doyle

October 28, 2009
As National Cyber Security Awareness Month comes to a close, I want to reinforce the need to be vigilant about two very relevant topics: the importance of security when working remotely, and the need to guard against scams. more...

(back to menu)

(back to menu)

(back to menu)

(back to menu)

June was National Internet Safety Month!

National Internet Safety Month is an opportunity to increase awareness about the risks we and our families face on the Internet, and to promote information and resources to help us stay safe online. See complete article

Related links:

• Facebook privacy: Facebook users can find helpful information about Facebook privacy settings at allfacebook.com. Please note this is not an official Facebook web site.
• "No such thing as "deleted" on the Internet", article by Christopher Null, Yahoo!Tech

2008 National Internet Safety Month article
See archives for 2007 article.

(back to menu)

Security policies announced to campus - May 2009

May 5, 2009

To: UCSC Faculty, Staff, and Students
From: Janine Roeth, Campus Information Security Officer and Director, ITS Client Services and Security

Re: IT Policy Updates

Unit Managers: Please post a paper copy of this message in your area for people who do not have regular computer access.

------------

I write to inform you of three updates to campus IT policies and guidelines. As a reminder, campus information security requirements apply to all devices used for university business purposes, regardless of ownership or location.

1) UCSC “Policies for use of UCSC computing facilities” or “Acceptable Use Policy” has been updated. This policy identifies acceptable and unacceptable behavior when using campus computing resources. The revision clarifies existing information, incorporates related UC policy, and removes obsolete requirements. The policy is available at: http://policy.ucsc.edu/html/it0003.shtml

2) UCSC "Minimum Network Connectivity Requirements Policy" is a new campus policy that identifies minimum security requirements for devices connecting to the campus network. Devices not meeting these requirements may be blocked or disconnected from the campus network according to existing procedures. The policy is available at: http://policy.ucsc.edu/html/it0004.shtml

3) UCSC "Implementation Plan for Protection of Electronic Restricted Data" has been updated. This Implementation Plan outlines procedures relating to information security breaches and management of restricted data. Changes will primarily affect those with specific responsibilities for security incident response and for managing our campus inventory of personal identity information (PII). The policy is available at: http://its.ucsc.edu/security/policies/ucsc_breach_guideline.php

Additional details for each of the above policies are available at: http://its.ucsc.edu/security/policies/changelog.php

If you have questions about any of this information, please submit an IT Request ticket at https://itrequest.ucsc.edu or contact the ITS Support Center at help@ucsc.edu, 459-HELP (4357), or in-person M-F 8AM-5PM Room 54 Kerr Hall.

(back to menu)

"Hallmark virus" email scam alert - January 27, 2009

ITS issued the following critical email scam alert to all UCSC students, faculty and staff. This email scam was an excellent reminder not to open attachments or click on links in unsolicited email.

January 27, 2009

To: UCSC Faculty, Staff, and Students
From: Information Technology Services (ITS)

Re: Malicious Email Alert

As you may already be aware, a new wave of malicious email has hit the campus. These emails are trying to trick you into opening harmful attachments. This email scam is an excellent reminder not to open attachments or click on links in unsolicited email.

PLEASE DELETE THESE SCAM MESSAGES. Do not open the attachment, and do not reply to the email.

The malicious emails have subjects such as:

You've received A Hallmark E-Card!
Job offer from Coca Cola!
IKEA's New Planning Software

All of these emails include a "zip" attachment that may contain a virus or other harmful program. These attachments have file names such as:

postcard.zip
job_application_form.zip
planning_software.zip

If you accidentally click on an attachment in one of these messages and think your computer might have been infected, please contact the ITS Support Center immediately by submitting an IT Request ticket at https://itrequest.ucsc.edu or email help@ucsc.edu, telephone 459-HELP(4357), or in-person Kerr Hall Room 54.

For more details, please visit: http://its.ucsc.edu/security_awareness/news.php#email18

Thank you.

Information Technology Services (ITS)
http://its.ucsc.edu

(back to menu)

• 2008
• 2007
• 2006

(back to menu)