RSS Feed
News
Feb
10
Help in preventing phishing attacks
Posted by Dan Robinson on 10 February 2017 02:28 PM

Phishing is a technique that involves tricking a user to steal confidential or sensitive information, passwords, etc. Phishing can come in the form of email messages or posts on social media websites and apps and most appear to be from person or business you know.

There are two predominate ways that Phishing messages try to take advantage of the user. Phishing messages often request a user to reply sending sensitive information or they will provide a link to a website that has been comprised and setup to appear like a website you have business with or are familiar with.

Request for sensitive information

Phishing messages may seem like they are coming from a person you know. They may even appear to be sent from the same email address but will have a different reply address that is not the same as the person you know. When replying to any email take a moment to make sure the address you are sending to is the same as the user. For example, a email may come from Joe Smith (joe@mycomany.com), but when you hit reply the email address in the to field now becomes Joe Smith (joe@notmycompany.com).  Thus, your email is not being sent to Joe Smith (joe@mycomany.com) but rather Joe Smith (joe@notmycompany.com). 

Request for information through a website link

Some phishing messages may include a link that takes the user to a site known to have a confidential website, but they’re mere mimics with zero confidentiality. Thus, overconfident users could be involved in attacks that are aimed to steal personal data.

Any easy way to tell if the link is legit is to hold your mouse over the link. If the text for the link says amazon.com/myaccount but the text in the tooltip that pops up says amazon.somewherebad.com/myaccount or amzone.com/myaccount it is not the same site and you should never click on it. If fact, a good rule of thumb is to never click on the link, but rather open your web browser and navigate to the site through google search or by typing the address in yourself and doing so only for sites or companies you are familiar with.

So, what can I do?

It is easy to be tricked and the phishing messages are becoming more and more savvy. It is always a good rule of thumb, that when asked for any sensitive information or when sent a suspicious message to double check with the user or business for whom the message appears to have come from. Give them a call or send them a separate message asking “Hey did you send this”.

So what if I have to send sensitive data to someone?

The easy answer is don’t. But if you absolutely must you will want to use an encrypted email service or put a password on the file you are sending then call and verbally give the password over the phone to the recipient. Most programs like excel, word, pdf or zip files allow you to password protect the file.

Helpful tips

Here are 10 tips from phishing.org on how to avoid phishing attacks.

  1. Keep Informed about Phishing Techniques – New phishing scams are being developed all the time. Without staying on top of these new phishing techniques, you could inadvertently fall prey to one. Keep your eyes peeled for news about new phishing scams. By finding out about them as early as possible, you will be at much lower risk of getting snared by one.

  2. Keep Link Clicking to a Minimum – It’s fine to click on links when you’re on trusted sites. Clicking on links that appear in random emails and instant messages, however, isn’t such a smart move. Hyperlinks are commonly used to lead unsuspecting Internet users to phishing websites. Hover over links that you are unsure of before clicking on them. Do they lead where they are supposed to lead?
  1. Install an Anti-Phishing Toolbar – Most popular Internet browsers can be customized with anti-phishing toolbars. Such toolbars run quick checks on the sites that you are visiting and compare them to lists of known phishing sites. If you stumble upon a malicious site, the toolbar will alert you about it. This is just one more layer of protection against phishing scams, and it is completely free.
  1. Verify a Site’s Security – It’s natural to be a little wary about supplying sensitive financial information online. As long as you are on a secure website, however, you shouldn’t run into any trouble. Don’t just take a site’s word for it, though – always look for a few things before you provide your credit card information. For one thing, the site’s URL should begin with “https.” For another, you should see a closed lock icon near the address bar. Check for the site’s security certificate as well.

  2. Check in with Your Online Accounts Regularly – If you don’t visit an online account for a while, someone could be having a field day with it. Even if you don’t technically need to, check in with each of your online accounts on a regular basis. Get into the habit of changing your passwords regularly too.

  3. Keep Your Browser Up to Date – Security patches are released for popular browsers all the time. They are released in response to the security loopholes that phishers and other hackers inevitably discover and exploit. If you typically ignore messages about updating your browsers, stop. The minute an update is available, download and install it.

  4. Use Firewalls – High-quality firewalls act as buffers between you, your computer and outside intruders. You should use two different kinds: a desktop firewall and a network firewall. The first option is a type of software, and the second option is a type of hardware. When used together, they drastically reduce the odds of hackers and phishers infiltrating your computer or your network.

  5. Be Wary of Pop-Ups – Pop-up windows often masquerade as legitimate components of a website. All too often, though, they are phishing attempts. Many popular browsers allow you to block pop-ups; you can allow them on a case-by-case basis. If one manages to slip through the cracks, don’t click on the “cancel” button; such buttons often lead to phishing sites. Instead, click the small “x” in the upper corner of the window.

  6. Never Give Out Personal Information – As a general rule, you should never share personal or financially sensitive information over the Internet. This rule spans all the way back to the days of America Online, when users had to be warned constantly due to the success of early phishing scams. When in doubt, go visit the main website of the company in question, get their number and give them a call.

  7. Use Antivirus Software – There are plenty of great reasons to use antivirus software. Special signatures that are included with antivirus software guard against known technology workarounds and loopholes. Just be sure to keep your software up to date. New definitions are added all the time because new scams are also being dreamed up all the time.

 

Additional information about phishing can be found at phishing.org.


Read more »



Sep
15
All Issues Resolved
Posted by Matthew Austin on 15 September 2016 03:07 PM

We believe we have resolved all of the residual networking issues that were caused by this morning's storms.  If you are still experiencing problems connecting to network resources, the Wi-Fi or campus internet please call 712-707-7333 or email (from a working device) helpdesk@nwciowa.edu.  


Read more »



Sep
15
Network issues 2.0
Posted by Matthew Austin on 15 September 2016 11:00 AM

Due to a brief power interruption this morning, we are experiencing some residual network issues that could affect wired and wireless connections.  Specifically, Fern-Smith hall is having the most trouble right now but there may be other isolated locations experiencing the same, so I just want to give everybody the head’s up. 

We’re aware of the issue and are working hard to get things back up and running as quickly as possible, and we thank you for your patience.  

-Matt

 

**Update** - 1:00PM
Fern-Smith Hall should be back up and running.  There are still ongoing issues that we know of in Ramaker center.  


Read more »



Aug
30
Network Issues
Posted by Matthew Austin on 30 August 2016 01:46 PM

The immediate network issues appear to be resolved.  The situation is being monitored closely and appears to be under control.  

I believe there are still some localized Wi-Fi issues, which the help desk is trying to track down and resolve on an as-reported basis.  If you are experiencing problems connecting to the Wi-Fi in your room, please log a help desk call by emailing helpdesk@nwciowa.edu from your Northwestern E-Mail address.  Include a description of the issue you are experiencing, and your room location / #, and we'll reach out to help fix the problem.  

Thanks for your patience, I know the last few days have been frustrating for many users.  

Matt


Read more »



Aug
13
Hide Your Kids, Hide Your Wi-Fi
Posted by Matthew Austin on 13 August 2016 04:20 AM

Welcome to "Northwestern College"

That's the name of the new wireless network that we installed this summer, and I think you're really going to like it.  Our summer student technicians, Ashton Graves, Tung Tran, and Blake Mulder, led by our network admin Dan Robinson, spent many weeks hard at work in hot dorms this summer ripping out the old system and installing the new.  Seriously, if you see them, give them a handshake or a high-five, they're awesome.   Let me tell you a little bit about the new wireless system.  

It's easier to get connected

Gone are the "NWC" and "Mobile" networks.  With the old system, computers connected to one network, smartphones to another, but what about Tablets?  Gaming consoles?  Streaming devices? Doesn't matter anymore.  Now you just connect any device to the network called "Northwestern College".  Upperclassmen may cringe at the memory of the connection workshops we previously held during freshmen orientation weekend.  We had to install special software and do a lot of manual configuration, and I'll be honest, it was kind of a pain to get connected that first time, and none of us enjoyed it.  Now, it's as simple as connecting at a Holiday Inn or a Starbucks.  Just connect to the "Northwestern College" WiFi network, open your browser, and log in! (click here for more detailed instructions.) Of course an antivirus is still highly recommended, and we still offer Sophos for free if you need it.  Just swing by the help desk and we'll help you install it!  

You've got a stronger signal

Overall, we increased the number of wireless access points (APs) across campus by about 40%.  But that doesn't quite tell the whole story.  We really wanted to focus on improving the dorms, and some dorms were worse than others, so we added even more APs where needed. For example, Steggy had 11 APs at last count with the old system, and it's up to 27 now! Nearly as important, we've moved all APs that were previously located in rooms, out to the hallway ceilings, so the signal is more evenly distributed.    

It's faster

Our old wireless system consisted of the best technology 2011 had to offer.  It was great for awhile, but after five years it was definitely time for an upgrade.  The new Meraki APs we've deployed are the best available as of 2016, with full Wave 2 Wireless AC, which allows for increased user capacity as well as better signal strength and speed.  They're hooked into faster network ports, and the main campus internet connection has been upgraded to a full gigabit.  This, combined with more APs and better placement throughout campus should lead to an improved experience.  

It's new

Well, duh, I've already said that.  But what I mean to say is that as with any new system, there's always a chance something might not work as expected, and that's where we need you.  Let us know if you notice something isn't working quite right.  For example, we've already noticed with the early-arrival students that even though it's supposed to automatically allow streaming devices and gaming consoles when you connect, some of them don't work unless we manually add them to the system.  If you run into that situation, email the help desk at helpdesk@nwciowa.edu with your devices's IP address or MAC address and we'll put it on for you. (If you're not sure where to find this information, email us anyway, and we'll help you find it.)  

Final Thoughts

Is this new system going to rock your world and make all your wildest dreams come true?  Probably not, but I'm excited anyway.  What I hope to hear from students about our new WiFi system is that it gets out of your way and "just works".  And I really do want to hear from you.  If you have questions, comments, complaints, or feedback about the new system, please, send them our way.  You can reach me at matthew.austin@nwciowa.edu.  

Welcome back, everyone, I hope you have an awesome semester.

Matt Austin

Help Desk Manager


Read more »



Jan
29
Phishing attempt to watch out for
Posted by Matthew Austin on 29 January 2015 02:09 PM

There is another Email going around that purports to be from NWC's Email System.  This email is a scam, also known as a "Phishing" attempt and should be deleted.   Phishing e-mails pretend to be from a trusted entity (such as your bank, school, credit card company, etc) and ask for personal information such as passwords or credit card numbers.   

If you ever see an email that you find suspicious, feel free to forward the message to nwc's help desk at helpdesk@nwciowa.edu.  We will gladly evaluate all suspicious emails and provide recommendations.  If you have fallen victim to such an attempt, the most important thing to do is to change your password immediately.  Following that, contact the helpdesk and we'll give further help. 

An example of the latest Phishing email is below:  

------------------------------
Welcome to Northwestern College Web Based Email System

Dear E-mail subscriber


We would like to inform you that we are currently carrying out scheduled maintenance and upgrade of our account service and as a result of this your accounts have to be upgraded.


We are sorry for any inconvenience caused.


To maintain your account, you must reply to this email immediately and enter information below:
Username:
Password:


Failure to do this within 72 hours will immediately render your account deactivated from our database.
Thank you for using our Services!"WEB-MAIL SUPPORT (c) WEB-MAIL ACCOUNT ABN 31 088 377 860 All Rights Reserved.
E-Mail Account Upgrading Northwestern College Based EmailSystem,Frequently-2015

---------------------------


Read more »




Help Desk Software by Kayako fusion