Here are our planned workshops for this semester – no RSVPs are required, just drop on by if you’re interested in any of these sessions (most are only 30 minutes)!

PROWL work sessions (open lab time to work on a PROWL site with 2 ETS staff available to help out – no formal instruction)

Thursday, 2/11, Barnes PC Lab 2:00 – 3:00
Wednesday, 3/3, Barnes PC Lab 12:30 – 1:30
Tuesday, 3/30, Barnes PC Lab 3:00 – 4:00
Thursday, 4/29, Keck Lab 1:30 – 2:30

How to print and connect to network resources from your laptop (intended primarily for students)

Friday, 2/19, Keck Lab 3:30 – 4:00

Look both ways before you cross the street: how to avoid getting scammed

Tuesday, 2/23, WES Room 2:00 – 2:45

Painlessly connect to your network resources from off campus (intended primarily for staff and faculty)

Thursday, 3/4, Barnes PC Lab 2:00 – 2:30

Introduction to PROWL

Monday, 3/29, Barnes PC Lab 2:00 – 3:00

PDFs made easy (create them, edit them)

Wednesday, 4/7, Keck Lab 2:30 – 3:00

Windows 7, what’s the big deal? (why use it?  Tips and tricks)

Tuesday, 4/27, Barnes PC Lab 2:00 – 2:30

Another Colorado College email account was hijacked last night, sending out over 46 GB of spam email overnight and into this morning before we were able to catch it.  This time were aren’t as lucky as we were last week, and ended up on several blacklists (including Comcast and a few others).

As a result, you may get bounce-back messages for the next several days on emails you try to send out.  We’re working with the organizations to get removed from the blacklists, but it usually takes several days for them to actually remove us (unfortunately, we have no control over it).

We share your frustration with these issues, and have been working for over 2 years on trying to move to a system that has the tools to minimize the effect of these kinds of attacks.  For now, the best we can do is to all be more vigilant as a community to safeguard our account information and have strong passwords.  IM has also been working on a class that we’d like to offer regularly to help everyone protect themselves and the college against these threats.

Remember – no legitimate organization will ever ask for your username and password over an email – no matter how real or scary the message looks, if it asks you for this or other private information, you should be immediately suspicious and do not provide it.  Chances are extremely good that it is a scam, though you can always call in to verify that there isn’t actually something you need to do.

Many of you noticed some issues with email this past Saturday night and Sunday morning – once again, someone fell victim to an email scam asking for a username and password.  Spammers used that person’s CC account to send over 100 GB of spam mail out before we were able to catch it and stop it this weekend.

It looks like we are lucky this time in that we haven’t been blacklisted by major email providers (only a few smaller ones), and the breach has been fixed.

Spammers are getting more and more crafty in planning their attacks and wording their messages to look real.  Please remember that no legitimate organization will ever ask for your username and password over an email – no matter how real or scary the message looks, if it asks you for this or other private information, you should be immediately suspicious and do not provide it.  Chances are extremely good that it is a scam, though you can always call in to verify that there isn’t actually something you need to do.

We reiterate this message because when one of us falls victim to a scam, it affects everyone in the community – please take the security of your account seriously and resolve to be even more careful than you have in the past. Here are a few common phrases used in phishing messages you should watch out for:

“Please verify your account”
“You are over your quota – provide your username and password in order to expand or your email will be lost”
“If you don’t respond within 48 hours, your account will be closed / canceled”
“Click the link below to access your account”
“Click the link below to update your information”
“Click the link below to claim your prize”

We’ve done some testing and have built an image for Windows 7 that we will be putting on all new computers and old computers which are reimaged by default (yes, it’s much better than Windows Vista – on that note, you may request an upgrade by contacting the Help Desk, just be patient with us as we work through all the requests).

We wanted to let you know that yet another email scam was sent to most of the campus last night – it’s another email size limit scam, and claims that you need to click a link to “re-validate” your mailbox, or in some cases to reply with your username and password so we can “reset” your email database.  These messages are phishing scams used to get your login information, which will be used by the scammers to hijack your email account (they’ll reset the password, set it to forward all incoming mail to another address of their choosing, and then use your account to send out huge amounts of further scam messages). This will result in the campus being blacklisted and unable to send email to major email providers for several day

So, please do not click the link or reply with your username and password – just delete the message.

This is the latest in a similar series of scams that have gone out at least once per month since late 2008, all of which claim your mailbox is over its size limit and ask you to click a link or reply with your login credentials.  There will likely be more of these, each with different wording and some more legitimate seeming than others – it’s important to be aware of these scams and always skeptical of messages which seem to come from ITS, but really don’t

Here are a few things you should keep in mind to help protect yourself and the college from email scams:

* We will never ask you for your username and password, especially in an email.
* Legitimate messages notifying you that you are over your size limit do go out – however, they are simply notifications and do not have any links to click.  If you see such a
message with a link, you should be immediately suspicious and contact us via phone if you’re unsure whether or not the message is legitimate.
* We post all official messages we send to the campus on our website.  While it’s easy for anyone to send a fake email and write whatever they want, then claim it is from
“system admininstrator” or “help desk” or “ITS”, they will not be able to fake a post on our website.  For example, you can check it right now and you will see a copy of this message posted there. (http://helpdesk.coloradocollege.edu)
* Here are a few common phrases used in phishing messages you should watch out for

“Please verify your account”
“If you don’t respond within 48 hours, your account will be closed / canceled”
“Click the link below to access your account”
“Click the link below to update your information”
“Click the link below to claim your prize”

For more information about how to protect yourself from scams, please see our webpage: http://helpdesk.coloradocollege.edu/index.php/tips-and-how-to/protect-your-computer/ the best defense will always be awareness of the issues involved!

Greetings all!

With the economic troubles that we are all going through here at Colorado College we have decided to change our Anti-Virus solution from Symantec Anti-Virus to Microsoft Forefront, saving the College over $20,000 annually. We are now in the process of removing Symantec and installing Forefront on all
College owned PC’s on our network. This process should be completed over the next two months.

You should not notice Symantec being uninstalled or Forefront being installed on your computer. It will happen automatically and by design should not interrupt your work. Again, this will ONLY affect PC Users. If you do notice anything or have any interruptions or errors on your computer because of this process please let us know by contacting the Help Desk (HelpDesk@ColoradoCollege.edu or x6449) so that we can rectify the issue.

Thank you for your time and patience during this process!

NOTE: The most common error that can come from this is when you open Microsoft Outlook. For instructions on how to remove the Symantec plug-in from Outlook click here.

Colorado College student email was down most of today, Sunday, August 9, because a student fell victim to last weekend’s phishing scam.  Emails sent to or from CC student email addresses between 10:36 AM and 4:44 PM today most likely did not reach their intended destination.  If you are a student and you sent email during those six hours, please re-send your message.  If you emailed a student account during that time, please, again, re-send your message.  Unfortunately, it is likely that any off-campus email sent to student accounts during those six hours will never be delivered.  All email services were restored by 11:00 PM.

As a reminder, if there is any chance you clicked on the link in the “re-validate” phishing scam last weekend (or any other scam), please change your password as soon as possible.  Instructions for doing that are available at http://helpdesk.coloradocollege.edu/index.php/tips-and-how-to/miscellaneous/change-your-password/.  The “re-validate” scammers have changed their tactics, and, if they have your password, not only will they send thousands of spam emails from your account, they will forward all of your incoming email to an off-campus address and then delete all email in your Inbox, Sent Items, and Deleted Items.  It is an extremely dangerous scam.  If you have any doubt about whether you answered the scam, please change your password immediately.

Please contact Joseph Sharman, x6301, if you have any questions about the email disruption.

Finally, please remember our pre-scheduled maintenance day tomorrow (Monday) morning, August 10.  Various network services will be down from 4:00 AM until 8:00 AM.  If you would like more details, please click here:
http://listserv1.coloradocollege.edu/digestmessages/jsharman313560.html.

We wanted to let you know that yet another email scam was sent to most of the campus on Saturday morning – the scam claims that you’re over your size limit and need to click a link to “re-validate” your mailbox.  Clicking the link will prompt you for your username and password, which will be used by the scammers to hijack your email account (they’ll reset the password, set it to forward all incoming mail to another address of their choosing, and then use your account to send out huge amounts of further scam messages).

Please do not click the link – just delete the message. The text of the scam is as follows:
_______________
Account Re-Validate

Your mailbox has exceeded the storage limit which is 20GB as set by your
administrator, you are currently running on 20.9GB, you may not be able to
send or receive new mail until you re-validate your mailbox.

To re-validate your mailbox please

CLICK HERE:

Thanks
System Administrator
______________

This is the latest in a similar series of scams that have gone out at least once per month since late 2008, all of which claim your mailbox is over its size limit and ask you to click a link.  There will likely be more of these, each with different wording and some more legitimate seeming than others – it’s important to be aware of these scams and always skeptical of messages which seem to come from ITS, but really don’t.

Here are a few things you should keep in mind to help protect yourself and the college from email scams:

* We will never ask you for your username and password, especially in an email.
* Legitimate messages notifying you that you are over your size limit do go out – however, they are simply notifications and do not have any links to click.  If you see such a message with a link, you should be immediately suspicious and contact us via phone if you’re unsure whether or not the message is legitimate.
* We post all official messages we send to the campus on our website.  While it’s easy for anyone to send a fake email and write whatever they want, then claim it is from “system admininstrator” or “help desk” or “ITS”, they will not be able to fake a post on our website.  For example, you can check it right now and you will see a copy of this message posted there. (http://helpdesk.coloradocollege.edu)
* Here are a few common phrases used in phishing messages you should watch out for:

“Please verify your account”
“If you don’t respond within 48 hours, your account will be closed / canceled”
“Click the link below to access your account”
“Click the link below to update your information”
“Click the link below to claim your prize”

For more information about how to protect yourself from scams, please see our webpage: http://helpdesk.coloradocollege.edu/index.php/tips-and-how-to/protect-your-computer/ the best defense will always be awareness of the issues involved!

We’ve updated our CC Important Dates file for the 09-10 year (July 09 – June 2010).  See our page for instructions on how to import the dates into your Outlook calendar: http://helpdesk.coloradocollege.edu/index.php/tips-and-how-to/email/add-important-cc-dates/

A new account expiration policy has gone into effect as of 6/1/09 – we’ve posted the update to our site if you would like to see the details of the new policy: http://helpdesk.coloradocollege.edu/index.php/policies-and-procedures/account-expiration/