Columbus State University Print Logo

Office of Information Security

Office of Information Security

Security Alerts

If you see spam/phishing in your inbox:

  • Select the message you'd like to report.

  • Click the spam button dot Report spam icon in the toolbar above your message list.

  • (If you have the message open, you can also report it as spam by using the same button.)

To know more about how a spam email looks, how to identify and prevent them please refer to our spam email page.

Alert
Malicious Email Alert: Phishing Email

New incident: Identified
USG Cybersecurity received multiple reports of a suspicious email message sent to USO employees. This message may appear to be from someone you know. The body of the message contains the following text:

"We need to make sure everyone's contact information is up to date,
please login with your corporate login and verify the information is correct:
Click here
We need to have this list updated within 24hrs, so please make this a priority.
Thank You"

These email messages are not legitimate. Please do not open any attachments or click on any embedded link. They could be used to compromise your account credentials and allow intruders access to confidential information. If you receive a message having these characteristics, please delete the message.

If you have additional questions or concerns, please contact the USG Enterprise Service Desk at 706-583-2001, or by email at helpdesk@usg.edu.

Alert

spam

 

 

Alert
Malicious

Alert

Spam attack using old passwords has recently surfaced.
The video mentioned is not real. The email is not a legitimate threat and is only a scare tactic to get you to supply the given bitcoin address with bitcoin.

This is a scam

The Better Business Bureau encountered a similar scam back in September 2017
CSU and BBB advise you not to open or interact with emails like this one.

spam

alert

Malicious Email Alert: Subject Line "Request"

Incident Report for USG Services

New Incident Status: Identified
USG Cybersecurity received multiple reports of a suspicious email message sent to USO employees. This message has the subject line, "Request" and may appear to be from the Chancellor. The body of the message contains the following text:

"From: Steve Wrigley >
Sent: Monday, September 24, 2018 3:27 PM
To:
Subject: Request

I'll need you to run a task ASAP,let me know if you're unoccupied.i can't talk now but will lookout for your reply.
Thanks

Steve Wrigley

Sent from a Mobile Device"

These email messages are not legitimate. Please do not open any attachments or click on any embedded link. They could be used to compromise your account credentials and allow intruders access to confidential information. If you receive a message having these characteristics, please delete the message.

 Alert

Active Phishing Campaign Targeting Student Email Accounts

Federal Student Aid (FSA) has identified a malicious phishing campaign that may lead to potential
fraud associated with student refunds and aid distributions.

Multiple institutions of higher education (IHEs) have reported that attackers are using a phishing email
to obtain access to student accounts via the IHE student portal. The nature of the requests indicates the
attackers have done some level of research and understand the schools' use of student portals and methods.
These attacks are successful due to student compliance in providing requested information and the use of
just one factor for authentication.

Please view Federal Student Aid's detailed evaluation of the phishing campaign

Alert

COBALT DICKENS Targets Universities

SecureWorks has identified an Iranian Threat Group that
is likely responsible for large-scale campaign targeted at
Collecting University credentials!

The Office of Information security has recently been notified about the threat group COBALT DICKENS
 
SecureWorks has put out a helpful Blog post to help identify spoofing attempts generated by this threat group!

 Alert

alert-urgent

Alert

Infosec has been alerted to a potential Spam email.

The Email is not spam, please disregard the email and do not follow the links. 

Non-Spam Email

 Alert

USG Spam Email

The USG Cybersecurity team has received reports of a a suspicious email being sent.

This message has the subject line, "***IMPORTANT UPDATE*** PLEASE READ- University System of Georgia 2018/19
Employees strategic plan for the year from Dr. Steve Wrigley" and may appear to be from someone you know

This message is not legitimate. Do not open emails with this subject line and do not click on the embedded link.

This email potentially can compromise your account. If you recieve an email having these characteristics delete the email.

Alert

Spam attack using old passwords has recently surfaced.

The email is not a legitimate threat and is only a scare tactic to get you to supply the given bitcoin address with bitcoin.

The Better Business Bureau encountered a similar scam back in September 2017

CSU and BBB advise you not to open or interact with emails like this one.

spam

Alert

On June 15th 2018, 

Oregon became the victim of a successful phishing attempt which caused their government domain to be listed as spam preventing emails from being sent out.  

A brief breakdown of the events:

  • One Oregon state employee became victim of a successful phish last Friday.
  • The user's computer was hijacked to subsequently send 8M+ spam emails over the weekend.
  • Email services like Outlook, MSN and others detected the spam and downgraded the sender reputation of OREGON.GOV, effectively blacklisting mail originating from the state domain.
  • Oregon IT services learned of the issue Monday morning when tickets started trickling in to their service desk suggesting email trouble.
  • Reputation remediation was still underway as of yesterday.

The Office of Information Security would like to remind you when dealing with a suspicious email to:

  • Be suspicious of emails that request sensitive information
  • if you are suspicious always verify with the sender about the email
  • never open attachments from suspicious emails
  • Delete email and text messages that ask you to confirm or provide personal information. Legitimate companies don't ask for this information via email or text.
  • Don't reply, and don't click on links or call phone numbers provided in the message, either. These messages direct you to spoof sites.

For more information, watch this video on Phishing which provides guidelines on how to protect employees and the computer assets we rely on every day.
Refernce: OregonDAS

Alert

Several schools have received a phishing email addressed from their presidents and the list seems to be growing.

Central Methodist University
Columbia College in Missouri
Champlain College
Walla Walla Community College
Waldorf University
Middlebury College
Texas A&M University San Antonio

The school has already taken preventive measures to block this email. 

If you happen to receive or have received an email matching this information please follow the steps on reporting as spam/phishing to help protect.

EDUCAUSE Listserv alert:
Earlier today most of our employees received a phishing email that appeared to be from our president. After some research we found that were able view the site structure where the link directed users.

Malicious Email:

From: (name)@lbschools.net
Contains In Body of Email:
Mokaortmdesm.club/<(yourschool)>/index.php
Mokaortmdesm.club/<(yourschoolhttps)>/index.php

IP address of web site: 89.36.213.44

Steps For Reporting Spam/Phishing
1. Select the message you'd like to report.
2. Click the spam button dot Report spam icon in the toolbar above your message list.
3. Delete email

Alert

USGAlert

 

The USG as issued an alert concerning a suspicious email received by USO employees.

The message with the subject line New Job Offer and sent by Bent Maxwell
contains no content except for a attachment named EDUCATIONAL DOCUMENT.rtf
The email is not
legitimate

Do not open any attachments or click on any embedded link. This could compromise your account.

If you have received a message that matches this description please delete it.