Information Technology ADVISORY
Phishing Emails
Please continue to be on the look-out for spam
messages requesting your account information. Remember, the
true APSU IT Department will not send you a message requesting your
account information. NEVER give out your computer/network
account, bank account, Social Security Number, or other
confidential information to a request sent to you in an email.
Finally, please note these emails may look legitimate or cleverly
resemble valid graphics and logos – do not be deceived. Please
find a recent sampling below.
From: EDU HELP TEAM <eduhelp@edu.com>
Date: June 10, 2008 7:16:34 PM CDT
To: undisclosed-recipients:;
Subject: VERIFY YOUR EDU EMAIL ACCOUNT NOW
Reply-To: eduhelp@live.com
Dear EDU Email Account Owner,
This message is from EDU messaging center to all EDU email account
owners. We are currently upgrading our data base and e-mail account
center. We are deleting all EDU email account to create morespace
for new accounts.
To prevent your account from closing you will have to update it
below so that we will know that it's a present used account.
We have been sending this notice to all our EDU email account owners
and this is the last notice/verification exercise.
CONFIRM YOUR EMAIL IDENTITY BELOW
Email Username : .......... .....
EMAIL Password : ................
Date of Birth : .................
Country or Territory : ..........
Warning!!! Account owner that refuses to update his or her account
within Seven days of receiving this warning will lose his or her
account permanently.
Thank you for using edu account!
Warning Code:VX2G99AAJ
Thanks,
edu Team
EDU BETA
Daylight Savings Time Change
One of the provisions of the Energy Policy Act of 2005 was to extend
Daylight Saving Time (DST) by approximately four weeks. In
compliance with this provision, beginning in 2007 DST dates in the
United States will start three weeks earlier (2:00 A.M. on the
second Sunday in March) and will end one week later (2:00 A.M. on
the first Sunday in November). This year, Daylight Saving Time began
March 11. Unless modified, computer systems remain programmed to
read the calendar and start daylight saving time on the old date in
April, not the new date in March. In addition to computers, there
are other devices that automatically recognize Daylight Savings
Time. These include cell phones, clocks, telephones, telephone
answering machines, televisions, VCRs, electronic programmed home
thermostats, security systems, etc.
For many widely used devices, an automatic update was easy. Cell
phones flashed the correct date and time because they get such
information from their service providers' networks. Similarly, the
Internet automatically updated clocks on many personal computers
that use relatively up-to-date software. Software vendors like
Microsoft produced revisions to operating system software
implementing the Daylight Saving Time changes. As a service to its
customers, these updates were automatically distributed by Microsoft
like other Windows Updates. Older software products no longer
supported by Microsoft such as Windows 98 and Windows ME were not
updated. Users of older software will have to manually change the
system time twice a year.
You should be aware of the Daylight Saving Time change and possible
problems the change could have caused. You should pay particular
attention to various sources of time to be sure the time displayed
is correct now that we are on Daylight Savings Time. You should also
look at scheduled appointments in Microsoft Exchange and Outlook,
paying particular attention to those occurring during the “new”
daylight savings period.
Securing University Computers and Data
News articles in recent months describe a number of incidents where laptop computers have been lost or stolen and confidential data potentially exposed. These reports should cause each of us to think about possible loss of APSU computers and data. Each year, more University faculty and staff have laptop computers that are exposed daily to possible loss. In addition, storage devices such as writable CDs, writable DVDs, and USB drives make it possible for us to carry a large amount of data that could easily be lost or stolen.
University faculty and staff are responsible for the security of both hardware and information they use.
Listed below are some precautions that may be useful:
- Do not leave storage media including CDs, DVDs, USB drives, containing confidential information in a computer when you leave the machine.
- Do not store sensitive data on your desktop, laptop, or removable storage media unless absolutely necessary.
- Report the loss or theft of equipment or information immediately to the appropriate law enforcement authorities including the APSU campus police.
- Choose an inconspicuous carrying case for your laptop computer.
- Keep the laptop close at hand when traveling. Don’t leave your bag “just for a minute”.
- Label and tag the laptop and all accessories.
- Consider encrypting the most important data.
- Consider enabling “Encrypting Files Services” on laptops.
- Disable the Infrared Port if present on your laptop when not in use.
- Disable Bluetooth capability if present on your laptop when not in use.
- Disable Peer-to-Peer Wireless capability on your laptop when not in use.
- Make security a habit. Realize that you are the prospective PREY or VICTIM.
- Back up all important data regularly.
- Always be aware of your surroundings and the people in them.
- Be suspicious of unusual activity and keep your property closer to you until this activity is over and any threat has diminished.
- Don't leave a laptop in an unlocked vehicle.
- Parking garages are likely areas for thefts from vehicles, as they provide numerous choices and cover for thieves. Again, never leave your laptop in plain sight; cover it or put it in the trunk.
- Be aware of the damage extreme temperatures can cause to computers.
- Going to lunch, or taking a break? Do not leave laptop computers unattended.
Security of University equipment as well as security of sensitive data is all of our responsibility.
Iron Mail Anti-Spam Measures
The Iron Mail Anti-Spam system has been in place at APSU since late July 2006. The Iron Mail system continues to be effective in stopping a large percentage of spam coming to our campus. During the one-week period beginning November 13, 2006 and ending November 19, 2006, the campus received 1,157,425 email messages. Iron Mail blocked 1,009,822 (87%) of these messages and identified 147,603 (13%) as “Good” email. During that same period, the campus sent 43,994 email messages. 100% of these were identified as “Good”. No Anti-Spam product is perfect and our email users continue to receive some spam. We also know that a few good messages are being blocked as spam.
While the anti-spam products continue to get better at detecting spam, the people who generate spam messages soon learn how to defeat the new detection methods. One of the newest schemes is to embed the spam message as an image in the message rather than presenting it as text. This prevents the anti-spam system from detecting the content. This will soon be addressed by the anti-spam vendors but there will be other methods of defeating the protection. If you use Outlook to access your email and would like to add a second layer of anti-spam protection, you can activate the “Junk Mail” functionality in Outlook.
Twice per day, the Iron Mail system sends an email message to email users who have “Quarantined” messages that are questionable as spam. You can access the release function by following the instructions in the quarantine message. You may release the message one time or if it is business related, add the sender to a list which will exempt it from the spam detection process in the future. For more information on quarantined messages visit the following web link, http://www.apsu.edu/computer/forms/EUQR-whitelisting.pdf
Anti-Spam Measures
The university is implementing anti-spam measures. Click the
following link to read important information about the new system.
http://www.apsu.edu/computer/exchange/ironmail.htm
Phishing Attacks
Phishing is the act of sending an e-mail to a user falsely claiming
to be an established legitimate enterprise in an attempt to scam the
user into surrendering private information that will be used for
identity theft. Phishing attacks plague the entire Internet
community. Please review this fun animation as a reminder: Don't Be
Scammed.
http://onguardonline.gov/quiz/spam_quiz.html
Unsolicited email messages
Computer Viruses, Trojans and Worms spread by both randomly
generating addresses and by “harvesting” email addresses they find
on infected computers. Not only will they use these harvested
addresses as recipients, they can also place the compromised email
address in the “From:” area of an email. This makes it appear that
the email is coming from someone the recipient trusts and further
‘bounces’ bad email back to the user found in the “From:” field.
Some users have seen the results of this when they receive angry
messages from colleagues asking them to clean their computer or have
received system messages stating that a message (that they had
actually not sent) could not be delivered.
To minimize exposure to viruses, please routinely check computers you
use and be sure to encourage friends and family to take steps to
secure their computer. There are two steps that you can take to
greatly lessen your chances of being infected:
- Keep your computer software up-to-date. It is critical that you keep your Operating System (Windows XP, Macintosh OS, Linux, etc) and installed software (Internet Explorer, Netscape Navigator, StarOffice, Microsoft Office, etc) up-to-date with the latest patches. Your software vendor will usually provide a web site that allows for automatic scanning and updating of your computer. For Windows XP users, please routinely visit http://windowsupdate.microsoft.com and install any listed critical updates regularly.
- Install Anti-virus software. Nowadays, it is not only important to have anti-virus software, but you must keep it up-to-date with the latest virus definitions. We use Symantec Anti-Virus for university owned computers. Your computers check for new virus definition files daily. To make sure you have the latest virus definitions:
  - Click Start -> All Programs -> Symantec Client Security -> Symantec AntiVirus OR double click the NAV shield icon in the System Tray (located near your PC clock)
  - In the window that appears, make sure that your “Virus Definition File” version is less than 1 week old (virus definitions are released every Wednesday or sooner if there is an immediate threat). If your virus definitions are older than 1 week, please contact the AP Helpdesk as soon as possible.
29 July 2004 - Dell "Combination Auto/Air Power Adapter" Recall
Dell is voluntarily providing free retrofit kits for certain
Combination Auto/Air Power Adapters that were sold for use with
some models of Latitude, Inspiron and Precision
notebook computers. It is possible for a consumer to plug into
the adapter certain power cords not intended for use with it, which
could pose a shock hazard.
The words "DELL" and "Dell P/N W1451" are printed on the top of the
problematic adapters, which were sold both separately and with the
following Dell models between December 2003 and May 2004:
- Latitude X300
- Latitude D400
- Latitude D500
- Latitude D505
- Latitude D600
- Latitude D800
- Inspiron 300m
- Inspiron 500m
- Inspiron 510M
- Inspiron 600m
- Inspiron I8500
- Inspiron I8600
- Precision M60
If you have a university-owned laptop
(purchased with university funds), one of the models above
and the problematic adapter described above, please
submit a trouble ticket for adapter replacement by contacting the
university HelpDesk at 221-4357.
If you have a personal laptop and adapter, you
will have to contact Dell directly at 1-888-245-3844,
http://www.auto-air-adapter.com or the address:
Dell Inc.
RR2E
MSC #8222
One Dell Way
Round Rock, TX 78682
08 March 2004 - Computer Viruses are still a threat
The threat from computer viruses and worms transmitted via e-mail
continues to escalate. It seems that several times a week we receive
notification of new threats. Austin Peay State University uses the
Symantec Norton Antivirus Corporate Edition product to protect
University-owned Windows-based desktop computers. We also use Norton
products to protect our servers and to screen incoming and outgoing
e-mail messages. In addition, we employ other methods of protection
including the use of a firewall and packet shaping technology.
For the most part, these measures have been successful over the past
couple of months. For virus detection software to be effective, the
software supplier must have time to identify a new virus and
distribute to each computer using its product information on how to
identify and isolate a new threat. Before this occurs we are
vulnerable to any new threat. In order to minimize our vulnerability
to new threats, we follow the "best practices" advice from our
software provider, Symantec, by removing e-mail attachments that
contain file types commonly used to spread viruses, such as .bat,
.exe, .pif, and .scr files.
Currently we have instructed our e-mail software to delete any
attachment that contains one of these potential threats and replace
the attachment with a message advising the recipient that the
attachment has been replaced. The attachments affected are those whose
name ends with: .vbs, .bat, .exe, .pif, .pi, .scr, and .zip on both
the Exchange e-mail system used by faculty and staff and the APmail
system used by students.
If you must e-mail an attachment from the prohibited group, the
sender should rename the attachment with another file extension such
as .txt and advise the recipient this has been done. The attachment
will then be allowed by our e-mail system. The recipient would rename
the attachment to have the proper file extension after receiving it.
Users are cautioned to use this technique only when corresponding
with someone they know and only if both the sender and recipient are
aware this is being done. Otherwise the recipient may discover he/she
has opened an infected attachment from an unknown party and infected
the machine.
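The extension-based attachment filter described above, sketched as an added example (it is not APSU's or Symantec's actual configuration or code); the function names, the sample message and the trailing-dot normalisation are assumptions. It matches on the file name only, so an attachment renamed to .txt passes through, as the advisory describes.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions from the advisory: attachments whose name ends with one of these are removed.
BLOCKED_SUFFIXES = (".vbs", ".bat", ".exe", ".pif", ".pi", ".scr", ".zip")
# Replacement attachment name quoted in the Novarg.A notice on this page.
REPORT_NAME = "Deleted Attachment Report.txt"


def is_blocked(filename):
    """Return True when the attachment name ends with a blocked extension."""
    if not filename:
        return False
    # Compare case-insensitively and ignore trailing dots/whitespace
    # (this normalisation is an assumption of the example, not stated on the page).
    name = filename.lower().rstrip(". \t")
    return name.endswith(BLOCKED_SUFFIXES)


def strip_blocked(msg):
    """Replace each blocked attachment with a text notice; return the removed names."""
    removed = []
    for part in msg.iter_attachments():
        name = part.get_filename()
        if is_blocked(name):
            removed.append(name)
            # set_content() discards the old payload and Content-* headers first.
            part.set_content(
                f"The attachment {name!r} was removed by the mail filter.\n",
                disposition="attachment",
                filename=REPORT_NAME,
            )
    return removed


def attachment_names(msg):
    """List the file names of all attachments in the message."""
    return [part.get_filename() for part in msg.iter_attachments()]


def roundtrip(msg):
    """Serialise and re-parse, so the filter sees what a gateway would parse."""
    return message_from_bytes(msg.as_bytes(), policy=policy.default)


def build_sample():
    """Constructed sample message (not a real capture)."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Status"
    msg.set_content("See attached.\n")
    for name in ("update.EXE", "notes.pdf", "setup.exe.txt"):
        msg.add_attachment(b"placeholder bytes", maintype="application",
                           subtype="octet-stream", filename=name)
    return roundtrip(msg)


if __name__ == "__main__":
    sample = build_sample()
    print("removed:", strip_blocked(sample))
    print("remaining:", attachment_names(sample))
```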
Students are encouraged to purchase and use one of the commercial
anti-virus software packages for their personal computers to minimize
disruption they may experience and the impact on others within the
University network that occur when a personal machine becomes
infected with a virus or worm. Faculty and staff are likewise
encouraged to purchase and use an anti-virus product for their
personal machines that communicate regularly with University owned
machines.
16 February 2004 - "WINNING NOTIFICATION" Email Hoax
There is a new email hoax that promises its recipients a large payout
from an international lottery. This email is a hoax and should
be disregarded and deleted. An excerpt of the email follows:
EL GORDO SWEEPSTAKE LOTTERY COMPANY
S.L
PLAZA COLONE-28080
MADRID-SPAIN.
FROM: THE DESK OF THE MANAGING DIRECTOR INTERNATIONAL
PROMOTIONS/PRICE AWARD DEPARTMENT.
REF Nº: EGSL/25003127/CSL/02
BATCH Nº: 0007571982
DEAR FRIEND,
RE: AWARD NOTIFICATION/ FINAL NOTICE.
We are pleased to inform you of the release of the
results EL GORDO SPANISH SWEEPSTAKE LOTTERY/
INTERNATIONAL PROGRAM, Held 30TH January 2004. Your
name attached to a ticket number 025-1146992-750 with
serial number 2113-05 drew the lucky numbers
4-18-24-30-31-35 which consequently won the lottery in
the 3rd category. You are therefore been approved for
a lump sum payout of 625,000.39 (Six hundred and
twenty five thousand Euros and thirty-nine cents) in
cash credited to the file reference number:
EGSL/25003127/CSL/02. This is from the total cash
price of 5,368,770.00 (Five million three hundred and
sixty-eight thousand, seven hundred and seventy Euros
only) shared among the seventeen international winners
in this category.
Parts of the text (like the payout, the international program and
contact information) will vary depending on who sends the message.
As a general rule, you should carefully evaluate email from persons
or organizations from which you have not directly solicited products,
services or information. You can use several online
resources to assist your evaluation.
If you are not sure whether a message is dangerous, please contact
the AP HelpDesk (helpdesk@apsu.edu or 221-4357) for further assistance.
28 January 2004 - Novarg.A Email Virus
The Novarg.A computer virus is causing e-mail and internet problems worldwide.
Fortunately, computers owned by APSU can be protected from this
threat through installation and proper use of our campus-wide Norton
Antivirus software.
Since campus owned computers should have up-to-date virus protection,
the Novarg.A description below is informational only. Our
installed virus protection software on the exchange email server is removing
any infected file attachments and replacing them with safe
attachments with the name "Deleted Attachment Report.txt".
You can safely delete the email messages that you receive which meet
the description below.
Novarg.A arrives via e-mail and may have a .zip, .bat, .cmd, .exe, .pif
or .scr file attached. The subject line could read:
- 'test'
- 'hi'
- 'hello'
- 'Mail Delivery System'
- 'Mail Transaction Failed'
- 'Server Report'
- 'Status'
- 'Error'
The current version of virus protection for the campus Exchange
e-mail system
detects the Novarg.A virus and removes the attachment thereby making the
message safe. The recipient still receives the message with a
notification from the virus detection software that the attachment
has been removed.
To ensure that your campus-owned computer is protected from current
and future computer virus threats, PC users should have Norton
Antivirus installed and running properly.
To verify:
- Click Start -> Programs -> Norton Antivirus Corporate Edition -> Norton Antivirus Corporate Edition
- Verify that "Load Antivirus Services" has a check mark and that the "Virus Definition File" is dated 01/26/2004 or later
Alternatively, you should have the Norton Antivirus
Shield icon in the task tray of your Start bar (circled in red
below).

If you do not find Norton Antivirus Corporate Edition, please contact
the AP Helpdesk at 4357 or helpdesk@apsu.edu
8 October 2003 - New Email Hoax Messages
There are a couple of new threats that may make you think twice about
whether the message you just received is valid or contains dangerous
content. As a general rule, you should never open email
messages (and especially their attachments) from someone you do not
know. If you are not sure whether a message is dangerous, please
contact the AP HelpDesk (helpdesk@apsu.edu or 221-4357) for further
assistance.
These two new threats blur the line between valid and dangerous.
"Last Update." email message from Norton AntiVirus
This message comes from "updates@symatec.com" and claims to
detect the presence of another computer virus. It will instead
infect your machine with its own, which allows a hacker to take
control of your machine. The attachment is named "nav32.zip".
You should delete this message immediately upon receipt.
Much like many companies today, Norton AntiVirus will never send
unsolicited emails (especially ones with attachments).
For more information about this message, please see:
http://securityresponse.symantec.com/avcenter/venc/data/w32.ircbot.b.html
"New Net Critical Patch" email message from Microsoft
Please reference the screen shot below. If you receive a
similar email, please disregard it. Following the instructions
noted in the message could damage your computer. The creator of
the message has disguised its dangerous content as a valid upgrade
message from Microsoft. Please note that Microsoft will
never send an unsolicited upgrade directly through email as a file
attachment.

25 August 2003 - Sobig.F worm
The Sobig-F worm has caused e-mail problems worldwide. When the worm
arrives via e-mail, it poses as a .pif or .scr file. The sender's
address is spoofed. The subject lines used are taken from a list,
including 'Re: That movie', 'Re: Wicked screensaver', 'Re: Approved'
and 'Your details'. Since the sender's address is spoofed, the
message appears as if it were sent by someone other than the owner of
the infected machine. Investigators fear Sobig-F is laying groundwork
for another attack to occur sometime after September 10. The current
version of virus protection for the campus Exchange e-mail system
detects the Sobig-F worm and removes the attachment making the
message safe. The recipient still receives the message with a
notification from the virus detection software that the attachment
has been removed.
Listed below is a web link from the August 22, 2003 issue of "Edupage"
which includes a more detailed description of Sobig-F.
http://www.internetnews.com/infra/article.php/3066881