Skip To Content

 

 

What's That Link?

Links inside emails don’t always go where they say they’re really going. Emails can be made so that the text says one thing (for example saying the link will go to the Baker website), but instead actually lead you to somewhere completely different. This is very dangerous, especially if the link brings you to a login page. There are a few extra precautions you can take in order to protect yourself from these crafty attacks.

Hover over it. If you hover over a link or a picture inside the email, you are able to see where the clickable is actually taking you. This is displayed at the bottom of the page. Make sure that the website matches where you think it should be going.

When in doubt, don’t click it! If you know where you are supposed to go to make an account change or check the status of an online order, go directly to the website yourself. Navigate to the webpage using your browser and not the link in the email.

Heed the prompts. Gmail, along with other services, will sometimes prompt you if they feel the link is unsafe. Take notice of where the prompt warns that you might be going to. This isn’t a guaranteed pop-up, but it is a second chance to get out safely. In Gmail, the pop-up looks like this:

 

If it looks off, be wary. Let’s say you clicked the link. That’s okay - it happens. There’s still a chance it might not be too late if the link had malicious intent. Suppose the email asked you to log into your Baker account, but the website doesn’t look right. Close the browser window and do not enter your credentials.

Help! I clicked the link, and I entered my username and password!  Don’t panic, accidents happen. Please report the incident to [email protected] so that assistance can be provided. Our IT staff can help safeguard your account and minimize any damages that may have occurred from the incident. The sooner you notify them, the less impact the phishing attack has on both you and Baker College. If it was on a personal account, close the window you’re in and go directly to your account’s website to change your password. Use a new password that hasn’t been used before, and remember - the best security is to keep each password unique.

“Hover, Doubt, Heed.” - With these simple steps, you’re on your way to keeping your information safe and secure from phishing attempts!

 

 

Common eMail Phishing Attempts

We've probably all received them at one point or another - the dreaded "You've been locked out of your account" emails.  Most likely you are familiar with the Nigerian Prince scam that has been around since the 90's, but would you believe that this email scam still traps people for over half-a-million dollars yearly?

Phishing attempts through email are extremely profitable for cyber criminals and a nightmare for the business world.  Having well-educated employees (and students) is nothing less than critical in providing a front-line defense against such attacks.

Below is a list of 10 very common phishing emails; each may have several variants or the wording may be different, but the subject is usually similar.  See if you recognize any of the following:

 

1.  "We've Issued a Refund"

2.  "A Delivery Attempt Was Made"

3.  "We've Detected Unusual Sign-In Activity"

4.  "Urgent Action Required"

5.  "Thank You For Your Purchase"

6.  "Your Information Has Been Compromised"

7.  "We've Locked Your Account"

8.  "Please Change Your Password"

9.  "Update Your Billing Information"

10.  "You've Appeared in a Search This Week"

 

Your best defense against falling victim to one of these misleading emails is knowledge and a bit of common sense.  For example,

“We’ve locked your account…”  Is there any reason why it would be locked?  Did you recently attempt to login and forget your password somewhere?  If not, then why would you get that email?

“A delivery attempt was made…”  This one is a little more tricky because at some point or another, most individuals order products and get them in the mail.  Ask yourself - did I recently order something that I’m expecting? Is there a reason someone would send me a gift? Again, if your situation doesn’t call for it, why would you believe the email?

“We’ve issued a refund…”  If you haven’t returned a product or bought anything that needed to be returned, then why would you be receiving a refund?

These 10 email phishing attempts come in many varieties and there are many more out there with different subjects.  All are attempts at making you react on impulse and click a link or make you give out information that you really don’t need to do.  Best option? Just delete the email without opening it. If you do open it, hover over any links in the address area, subject area, or body (but DON’T click)...does the address that shows up at the bottom of your screen look legitimate?  Does it reflect the company’s name that is implied in the email? Is there a secure “https:” at the beginning of the address?  The old adage, “if it sounds too good to be true, it probably is” also works here.  If it doesn’t look or feel right, it probably isn’t!  Be safe and delete or if you’re still unsure you could always call the company being represented; if it’s a legitimate email they should be able to confirm what you’re seeing.  Stay smart and stay safe!

Work From Home

Amidst the coronavirus pandemic, many governments are moving into the “delay” phase of their strategy to fight the virus. This includes social distancing techniques, including closing schools and asking people to work from home. Elsewhere, people are having to(being asked to?) or opting to work remotely to self-isolate or to simply help slow the spread of the virus.

The internet era and progress in technology has made it simple for many of us to carry out our regular duties from the comfort of our couch. That said, this luxury comes with its downsides, mainly by way of online security threats. Not only can remote workers have their own privacy put at risk, working from home could result in breaching company security too. The following steps are recommended to protect yourself while working remotely:

  1. Use strong and unique passwords

  2. Access resources over a secure VPN connection

  3. Set up firewalls

  4. Use an antivirus software

  5. Password protect and encrypt home WiFi 

  6. Install updates regularly

  7. Backup your data to a secure location

  8. Beware of remote desktop tools, unless sanctioned and trusted by your employer 

  9. Look out for phishing emails and sites

  10. Watch out for work-from-home scams

  11. Use encrypted communications when applicable 

  12. Lock your device

The IT staff at Baker College is ready to answer any questions or concerns you may have to safeguard both your machine and your identity.  Please visit our support page for contact information and hours of operation. 

 

Critical Windows Patch

Microsoft has issued a critical patch for Windows systems. They have been notified by the NSA about a critical Windows CryptoAPI spoofing vulnerability, called CurveBall, which allows an attacker to trick computers into accepting fake certificates to redirect your browser to a malicious website. The Department of Homeland Security has also put out its second-ever emergency directive urging users to patch their systems as well. Currently, there has been no sight of this exploit actively being used, but with security researchers beginning to post code and proof that this is a valid exploit, it is only a matter of time.

Currently, we are investigating and patching our systems on campus as needed.

While older versions of Windows are not affected by this, Windows 7 has come to its end-of-life support from Microsoft. This is important to note because if a flaw of this nature is discovered in the future, Microsoft will most likely not patch it. Microsoft is urging these users to upgrade to Windows 10 to continue receiving security updates.

We here at Baker College take security very seriously and urge all of our users to also take steps to ensure their personal computers are patched. On a Windows 10 computer, you can click on your Start Menu, go into Settings, and select the “Update & Security” tile. This should automatically check for updates, but if it does not then simply click “Check for Updates.” 

With the ever changing landscape of technology, updates are one of the key steps to securing your computers and smartphones.

 

 

A Man in My Browser?

What is MITB?

 

No, you do not have a little man living in your browser, but you could have a type of malware called a Trojan Horse, which is also known as “man-in-the-browser” (MITB). This type of malware infects the Internet browser and sniffs, captures, and modifies information as it travels between the user interface of the infected browser and the Internet.

MITB malware infects endpoints through malicious email attachments and links, or when a user visits an infected website. These attacks are constantly evolving and are becoming more sophisticated and difficult to detect even by experienced cybersecurity experts.

MITB attacks are typically used to target financial (banking) transactions. The malware will be able to do fraudulent money transfers or payments, and the banking application will not be able to detect any fraudulent activity as the correct credentials have been entered.

Whenever the user of the MITB malware-infected system visits a banking website, the Trojan sniffs or modifies the transactions as they are typed in the Internet browser. This malware can view everything that the end-user sees, and can also do everything that the end-user can do with a browser. Login credentials and other sensitive information are captured directly from the browser memory. The original URL and SSL protections are retained.

 

Additionally, the MITB malware can also inject additional authentic-looking fields in the login forms which would convince the targeted victim to share other sensitive information. As the “https://” of the website is retained, the victim does not suspect the webpage. 

Apart from using an up-to-date OS and good updated security software, the only protection at the moment is just common sense. You have to be careful on the Internet. You do not provide credit card or social security information to anyone easily in real life so why should you do that in an online world? If something does not “add up,” quit and inform webmasters. You can also close the browser and start a new session to see if the same fields appear again. In the end, being well informed is one of the best ways to stay ahead of the bad guys - the more you know, the safer you’ll be!

 

 


Baker College's Cyber Awareness Committee has assembled this informative PDF document to help raise awareness of Cyber Security among Faculty, Staff, and Students.

S1