Blog

Bad guys are already stealing brand new Disney+ accounts. In fact, thousands of them are already for sale on criminal sites. They are gaining access to accounts by trying to get into accounts using known, hacked usernames and passwords. The information they are using to effectively "hold these accounts hostage" is information that the bad guys already have access to.

Follow these tips to keep your new Disney+ Account, and other online applications, safe:

  • Do not reuse passwords. If you use the same password for different accounts and one gets hacked, they all are.
  • Never use variations of current or old passwords. If a breached password doesn’t work, the bad guys know that variations might work.


Stop, Look, and Think. Don't be fooled.

CRM Shutdown

LMC Employees:

The CRM – Student Relationship Management System will be shut down and will be permanently offline effective Monday, July 1, 2019.  Any data that resides in the CRM database, that is not also in Banner, will be retained for future reference.  If you have any questions or concerns, please contact the IT Service Desk at 269-927-8189, or visit https://portal.mylmc.org to submit a ticket.

Security Warning

Multiple Vulnerabilities in Google Android OS Could Allow for Arbitrary Code Execution

OVERVIEW:

Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for arbitrary code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution within the context of a privileged process. Depending on the privileges associated with this application, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If this application has been configured to have fewer user rights on the system, exploitation of the most severe of these vulnerabilities could have less impact than if it was configured with administrative rights.


SYSTEMS AFFECTED:

  • Android OS builds utilizing Security Patch Levels issued prior to May 5, 2019.

RECOMMENDATIONS:

We recommend the following actions be taken:

  • Apply appropriate updates by Google Android or mobile carriers to vulnerable systems, immediately after appropriate testing.
  • Remind users to only download applications from trusted vendors in the Play Store.
  • Remind users not to visit un-trusted websites or follow links provided by unknown or un-trusted sources.
  • Inform and educate users regarding threats posed by hypertext links contained in emails or attachments, especially from un-trusted sources.

 

REFERENCES:

Google Android:

https://source.android.com/security/bulletin/2019-05-01

There has been an influx of emailPhishing scams recently that are targeting higher education institutions.  Please take a moment to review the Phishing scams below and contact IT if you have additional questions.


Secret Shopper – In this scam, a student will receive an email telling them that they will receive a check. The student is supposed to purchase gift cards with this check and send the code from the gift card back to the scammer. In reality, the scammer pulls the funds off the gift cards and the check they sent bounces.
 
Paper Writers – In this scam, a student will receive an email offering to help them write papers for school. The student is required to pay money in order to access or receive their paper, but in reality they never receive anything from the scammer.
 
If you receive these, or other suspicious email, you should not take action or pursue any offers. Instead, immediately report them to the IT department.


Protect yourself from scams

Email scams are created in crafty ways to imply urgency and generate trust. They often contain a link and make it appear as though the email is coming from The College or another trusted source, like a fellow student.
 
The following tips can help you identify and avoid malicious emails: 

  1. Don’t trust display names. Always check who the email is FROM.  If it looks suspicious, don’t open the email.
  2. Look but don’t click. Hover your mouse over any links embedded in the body of the email. If the link address looks unusual, don’t click on it.
  3. Check for spelling mistakes. Reputable brands are careful about the email they send. Watch for spelling mistakes or poor grammar – they are clues to malicious email.
  4. Don’t give out personal information. Legitimate banks and most other companies will never ask for personal credentials or personal information via email. Companies will not ask for personal information such as login credentials, social security numbers, bank information or addresses through email. Don’t give out this information requested by email.
  5. Don’t believe everything you see. Phishers are extremely good at what they do. Just because an email has convincing brand logos, language, and a seemingly valid email address, does not mean that it is legitimate. Be skeptical when it comes to your email messages—if it looks even remotely suspicious, don’t open it. 

For more information and tips around phishing emails please read the following article:

https://blog.returnpath.com/10-tips-on-how-to-identify-a-phishing-or-spoofing-email-v2/

Of course, if you are uncertain if the email is legitimate or not, you can always contact the IT Department for assistance.

Banner On-Demand Training

LMC has purchased a site license for Banner On-Demand Training through the Ellucian Customer Support site (a.k.a. Ellucian HUB).  Please review the information page on the IT Service Desk Knowledge Base, under “Banner by Ellucian," for more information. 

The IT office will be working on server patching this weekend which will impact Banner, Degree Works and Wavelink for all users beginning Saturday, April 13th at 8:00 p.m. until Sunday, April 14th at 2:00 a.m.

The patching is anticipated to have no impact on usability when the applications are restarted.  

If you have any questions or concerns, please contact the IT Service Desk at 269-927-8189, or visit https://portal.mylmc.org to submit a ticket.

Another phishing scam has been discovered that targets individuals with the claim that their Office Business Essentials bill is unpaid. 

If you receive this email, or other emails you think are suspicious, please click the Phishing Alert button within your outlook application. This will remove the email from your mailbox and send it to IT for further review.

Below is an example of the email we've seen come through. We've notatedsome common issues that are often found in Phishing emails. 



If you feel that you have been tricked by a phishing email, please complete the following:

  • Immediately notify the IT department so we can complete a scan on your PC.
  • Immediately change your password, especially if you used your login information after clicking on a link in the email
  • Log into the KnowBe4 Training (https://training.knowbe4.com/login) and review the trainings on Phishing Scams and Spam emails


LMC IT Service Desk

Benton Harbor Campus, Suite 229

Submit a Service Request or search the Knowledge Base: Portal.mylmc.org

Service Desk Phone: 269-927-8189

Ellucian Customer Support has a Community thread related to a known issue related to the Firefox 66.0 and 66.0.1 release.  The URL for the thread is - https://ecommunities.ellucian.com/message/245242#245242

LMC is reviewing the information posted in the thread and will apply Banner updates as necessary. 

Please use Google Chrome as an alternate web browser if you are experiencing issues with Firefox and Banner 9.

There have been reports of a phishing scam arriving in email boxes that claim to have access to compromising information. The sender spoofs the user's email and demands Bitcoin in return for destruction of the compromising information. The scammer also claims that he or she has full access to your account and that an undetectable Trojan virus has been installed on your PC.  This is a scare tactic used by the scammer to scare the recipient into paying the ransom.  

What should you do if you receive the email? 


Do not respond to the email and do no pay the ransom.  Instead, click the Phish Alert icon on the home tab of your outlook (If you are on your mobile device, feel free to forward it to IT). It is also recommended that you change your password, in case you have been compromised and targeted through recent data breaches. You can see if you have been a victim of a data breach, and which companies were the source of the breach, by visiting https://haveibeenpwned.com and entering your email address. 

In addition, we recommend you take the security awareness training offered by LMC to learn helpful tips on securing your email and preventing becoming a victim to phishing scams https://training.knowbe4.com/login.

Here are some other helpful hints if you receive this email, or other phishing scams like it:

They have my password! How did they get my password?

Unfortunately, in the modern age, data breaches are common and massive sets of passwords make their way to the criminal corners of the Internet. Scammers likely obtained such a list for the express purpose of including a kernel of truth in an otherwise boilerplate mass email.

If your password was included in the email to you is one that you still use, in any context whatsoever,  STOP USING IT and change it NOW!

And of course, you should always change your password when you’re alerted that your information has been leaked in a breach. You can also use a service like Have I Been Pwned to check whether you have been part of one of the more well-known password dumps.

Should I respond to the email?

Absolutely not. With this type of scam, the perpetrator relies on the likelihood that a small number of people will respond out of a batch of potentially millions. Fundamentally this isn't that much different from the old Lottery scams, just with a different hook. By default they expect most people will not even open the email, let alone read it. But once they get a response—and a conversation is initiated—they will likely move into a more advanced stage of the scam. It’s better to not respond at all.

So,  I shouldn't pay the ransom?

You should not pay the ransom. If you pay the ransom, you’re not only losing money but you’re encouraging the scammers to continue phishing other people. If you do pay, then the scammers may also use that as a pressure point to continue to blackmail you, knowing that you are susceptible.

What should I do instead?

As said before, stop using the password that the scammer included in the phishing email, and consider employing a password manager to keep your passwords strong and unique. In addition, contact the IT department if you experience or suspect suspicious activity.


Thank you to Mathew and team for successfully upgrading the Firewall this past weekend.  The new firewall will help to keep the College's data safe and secure.

If you experience any issues accessing applications or websites, please submit a ticket with the error message you receive and any other pertinent details. Once received, we'll look into the issue and work to create a resolution.

The IT department will be replacing some networking equipment this Sunday morning, 3-24-19 beginning at 6:00 am.

Due to this change, there will be a brief outage of systems such as Wavelink, Canvas logon, the College website and Remote Access. Internet traffic for LMC computers will also be unavailable.

This outage will not affect Beckwith Hall or the guest wireless network.

Although the outage is expected to last only 30 minutes, we will be reserving 4 hours for the outage to allow ample time for troubleshooting and testing.


New Office Location

Come visit us in our new location on the second floor of the C-wing. 

The Service Desk and operations team is located in C-229 and the Banner ERP and management team is located in C-222.


Recent Phishing Emails

The IT Department has investigated a Phishing email targeting individuals within the college, claiming to come from Dr. Kubatzke that asks if the recipient is available.


Upon investigation, it was discovered that the email was coming from an external source with a “my.com” domain with the intent of coercing the recipient to purchase gift cards and provide the card numbers via email.


As a precaution, the IT Department has blocked the sender’s email address from contacting internal users and purged the phishing email from the system.


A Phishing Scam is an attempt to obtain sensitive information such as usernames, passwords, credit card details, or in this case Gift Card information, by claiming to be from a trustworthy entity within an organization.


Although not all phishing emails are easily identified, there are often tell-tale signs that the message is not legitimate.

1)      The email is not addressed directly to the recipient, but instead uses a generic greeting such as or does not identify the recipient by name.

2)      If the sender claims to be employed at the College, ensure the email address end with “@Lakemichigancollege.edu”. If it does not, the message is likely to be a phishing scam

3)      The message is designed to make you panic or put pressure on you to respond

4)      There is a suspicious or unexpected attachment

5)      There are grammatical errors and is poorly written

6)      It directs you to click on an external link

7)      It asks you to provide personal information or to purchase items such as gift cards


What should you do if you suspect an email is a phishing scam?

1)      Call the sender directly to verify the email’s legitimacy

2)      Report the email to the IT Department by forwarding the email to Abuse@Lakemichigancollege.edu or click the “Phish Alert” Button within Outlook


To learn more about how to prevent becoming a victim to Phishing emails and to increase your information security awareness, log into your KnowBe4 training account at https://training.knowbe4.com/login (You can use your LMC Credentials to sign in). In addition, you can participate in new trainings every month, as sent to you via email.