Stay Safe

Easy Ways to Keep Your Computer and Personal Information Secure

 

Heartbleed: What YOu Should Know

Heartbleed is a software security flaw in one of the most common security protocols used on the Internet. The flaw makes sensitive information vulnerable to exposure or theft. This flaw put many websites at risk, including some websites at the University of Chicago.

What can I do to address this problem?

Unfortunately, there isn’t any action you can take at present. The administrators of vulnerable services need to update their software in order to protect users. However, once the vulnerable sites have been remediated you should change your passwords. Site providers will send you information when it is safe to do so.

Please keep in mind that phishing attacks frequently occur when vulnerabilities are discovered. DO NOT FOLLOW LINKS to change passwords pasted in emails.

Read full article

 

Windows XP Support Ending April 2014

If you are running Windows XP, you should know that your operating system will no longer receive updates or patches after April 2014, which means your computer will be at risk of malware and viruses. Please read this news announcement for more detail on recommendations for securing your computer or systems.

Avoid Email Scams

Visit our Phishing pages for information about how to identify phishing scams and examples of some real phishing scams.

If you accidentally responded to a phishing message, or you believe that your account has been compromised, contact IT Security at security@uchicago.edu or 773-702-CERT (773-702-2378).

Compute Safely While Traveling

See our travel tip sheet for information on computer and connection security during both domestic and international travel. The tip sheet provides tips on accessing University resources, checking email, securing your wireless connection if you are using a laptop, and precautions you should take when using public computers.

Think before you share: Do not share copyrighted material

Stay informed

From: Alumni
To: Recipients <noreply@uchicago.edu>
Date: Tue, 22 Apr 2014 20:37:25 +0800
Subject: Uchicago Warning!!!

Body:

This is an automated message to notify you that a valid password was used to login your uchicago.edu account from an unrecognized device, Today Tuesday, April 22th, 2014 at 03:00(UTC+02), in Baghdad, Iraq (IP=37.77.52.17) as a result of that your account has been temporarily suspended.

If you did this, you can safely disregard this email. If you didn't do this, kindly follow our review link below to retrieve your account http://universityofchicago.yolasite.com/

Sincerely,
Uchicago Admin.

From: CNetID Mail Alert Notice
Date: Mon, 31 Mar 2014 16:42:40 +0200
Subject: Important Notice

Body:

Hello CNetID Mail Users

Your CNetID mail account was used to send fraudulent messages from a foreign IP Address 130.60.57.144 1500H.

Therefore we are placing a temporarily restriction on your CNetID mail login access till further notice.

We urge you to kindly update and keep your CNetID mail active for further investigation to be done.

Failure to do so,we will be force to charge your CNetID mail account as fraud and theft identity and legal steps will be taken.
Kindly act fast on this important notification before the investigation is concluded.

http://www.uchicago.edu "http://www.doma-i-dachi.ru/images/phocagallery/banya%206x5/uchicago.htm" target="_blank">

Best Regards.

The University of Chicago.

© 2012  The University of Chicago

How you know this is a Phishing Scam:

It was not apparent, but the link leads to a bogus internet address. The only way to see that is by hovering over the link.

From: skarleett.cabeza@stantec.com
Date: Thursday, March 13, 2014 at 7:03 AM
Subject: IT HelpDesk

Body:

As part of our duty to strengthening our security and improving your overall  mail experience, we have detected your mail settings is out of date. We want to upgrade all email account scheduled for today. To Complete this procedure, CLICK HERE< ;http://www.leocuer.com.ar/2341> to upgrade your account to Outlook Web Apps 2014. If your settings is not updated today, your account will be inactive and cannot send or receive message any longer.
Sincerely,
Mail Service Team.

How you know this is a Phishing Scam:

The link leads to a non-UChicago domain.