Today, February 6, 2018, is Safer Internet Day (SID), a worldwide event aimed at promoting the safe and positive use of digital technology for all users, especially children and teens. This year’s SID theme—Create, Connect and Share Respect: A better Internet starts with you—encourages everyone to play their part in creating a better, safer, and more secure Internet.
Marshall University Information Technology (MUIT) wants to warn the Marshall community to be on the look-out for Tax Identity Theft scams. Many federal agencies are offering information and resources to help consumers learn to protect themselves from tax-related identity theft and Internal Revenue Service (IRS) imposter scams.
MUIT along with the National Cybersecurity & Communications Integration Center (NCCIC) and the United States Computer Emergency Readiness Team (US-CERT) encourage consumers to review IRS publication Taxes.Security.Together. and NCCIC/US-CERT Tip Preventing and Responding to Identity Theft. Users can also participate in a series of free webinars and chats on avoiding tax identity theft, hosted by the Federal Trade Commission, IRS, Department of Veterans Affairs, and others.
For more information about Information Security at Marshall University please visit our website: www.marshall.edu/infosec .
Marshall University will be conducting a test of the MU Alert emergency messaging system on Wednesday, January 24, 2018 at 10 a.m.. This is an opt-in service available to MU community members. Subscribers are asked to be sure they receive a message by noon on Wednesday, and if necessary update their contact information via the myMU interface. If the information is correct and no message was received, please email firstname.lastname@example.org with details on which method (text, email, and/or voice) did not work and the details for each pertinent method. Please sign up or update your information prior to 5:00 p.m. on Tuesday, January 23rd to be included on the test.
Additional information is available on the MU Alert website.
All students, faculty and staff are welcome to attend a Tech-up Open House at Drinko Library & Information Center on the Huntington campus.
Scheduled dates are:
Wednesday, January 3, 2018, from 4:30 to 6:30 p.m. (DL 138)
Wednesday, January 10, 2018, from 4:30 to 6:30 p.m. (DL 138)
Students, faculty and staff are invited to attend a Tech-up Open House Wednesday, January 3 or Wednesday, January 10 from 4:30 to 6:30 p.m. in Drinko Library 138 on the Huntington campus.
Brush up on your technology skills in navigating the library’s electronic resources and services and using Blackboard through MUOnLine. IT staff will be on-hand to provide an overview of myMU and assist with other computer or wireless questions.
Learn tips and tricks to help you hit the ground running with research and writing support; accessing online librarians and guides; and maximizing e-books and e-journals. Basic Blackboard tools and utilizing the free 24/7 Blackboard tech support service will also be covered. Refreshments and door prizes will be provided.
“Tech Up” was created in response to a request by a Marshall University student. Originally developed for nontraditional students, Tech Up has one purpose—to help all students succeed at Marshall by being technologically up to speed by the time they take their first course.
Students can also self-enroll in the online version of Tech Up through MU OnLine/ Blackboard. Log in, click on the Organization tab, search for “Technology & Non-Traditional Students,” Enroll.
The Marshall University IT team receives occasional questions from faculty and staff about the Microsoft Home Use Program (HUP for short). Hopefully this article will help answer a number of those questions.
Several times a year, e-mail offers are sent out from the Microsoft Home Use Program advertising a $9.95 upgrade for Microsoft Office. These are often legitimate messages – see a recent example of one of these messages inserted into this post. You are receiving these offer e-mails because of a previous purchase of Microsoft Office for your personal/home computer. If you no longer wish to receive these offers, see the Frequently Asked Questions section below on how to unsubscribe from these mailings.
Before you pay $9.95 to upgrade, please read the rest of this message below…
If you are currently a Marshall faculty or staff member, you are eligible for ‘Home Use Rights’ under our Microsoft Campus Agreement. You do not have to buy a license, but there is a nominal fee charged by the vendor to cover software distribution costs. In most cases you should use your access to Marshall’s Microsoft Office365 services to download the no-cost install media for your home/personal computer. If you are no longer a Marshall University employee, but still have an active student status, you can also use access Office365ProPlus media as described below.
Frequently Asked Questions
- Can I use Microsoft Office365 ProPlus Media on a Personally Owned PC/Windows or Apple Macintosh OS?
Yes. the Microsoft Office365ProPlus download is intended for PERSONALLY-OWNED machines. There are separate versions for Microsoft Windows PC’s and Apple Macintosh OS X computers.
- Is there a difference in Microsoft Office365Pro and the Office 2016ProPlus software installed on my University-owned computer?
Yes, a few. Functionally, both products are still Microsoft Office – Word, Excel, Outlook, etc. You still have a choice of ‘new’ (Office 2016) or ‘previous’ (2013) releases. However, with the Office365 release, Microsoft provides new feature updates directly to you through the ‘Windows Updates’ (for PC’s) or ‘Microsoft Updates’ process (for Mac). These updates may appear on a different release schedule than your University-owned computer. You will still have the option to ‘accept’ or ‘defer’ these major updates. You may wish to maintain the same major version (e.g. Office 2013 vs. Office 2016) running on both your personally- and University-owned computers.
- Where can I get more information on accessing Office 365 software for my personal computer?
Please visit the Marshall IT website for additional Microsoft Office 365 information for more details.
- What is an eligible employee for purposes of the ‘Home Use Program’?
Microsoft defines ‘eligible employee’ as follows… “those individuals who use the covered licenses at work are eligible to purchase these Office applications for use on a personal device during the term of their employment. This temporary license expires with the employer’s Software Assurance coverage, or upon termination of employment with the covered organization.” – http://www.microsofthup.com/hupus/faq.aspx
- How can I request Microsoft/DigitalRiver to stop sending me these upgrade offers?
Locate the recent e-mail message in your inbox (Subject: Take Office Home for the Holidays). At the very bottom of the message, locate the ‘Click here to unsubscribe’ web link. This will take you to a webpage which will already contain your e-mail address. Click the [Unsubscribe] button. That’s it.
Please direct any additional questions to the Marshall IT Service Desk ITservicedesk@marshall.edu and we can update this list of frequently asked questions on the IT website.
Jon B. Cutler | Chief Information Security Officer | Marshall University | 1 John Marshall Drive, DL-324 | Huntington, WV 25755-2066 | U.S.A. |Office: +1 304 696 3270
Marshall University’s Information Technology Department’s continued partnership with Eduroam, a WiFi authentication service, allows Marshall students, faculty and staff to access wireless networks from other participating institutions while they are off-campus. Eduroam is available at more than 12,000 locations worldwide, including more than 450 colleges and universities. In addition, it provides high speed roaming to over 69 countries. If you are a student, faculty or staff member who will be traveling over winter break, keep this available service in mind and log into Eduroam at a participating campus near you and have access to a secure WiFi network.
Students, faculty, and staff can use their Marshall University email address and password to access the network. Just as members of Marshall’s community can take advantage of this opportunity while away from campus, individuals visiting Marshall University from a partner Eduroam institution can access WiFi connection without requesting “MU guest “credentials.
For more information visit eduroam-U.S. website or http://www.marshall.edu/it/services/researchcomputing/eduroam/ contact the IT Service Desk.
-Kristin Salustro, MUIT Marketing Intern
This is an important computer security bulletin from Marshall University Information Technology team directed at Marshall University students, faculty and staff who own or use an Apple Macintosh computer. Apple has released a critical security update which should be applied to all computers which are running macOS High Sierra 10.13. Marshall University IT staff are working to address this issue on University-owned devices; students, faculty and staff need to be aware of this issue needs addressed on personal-owned devices.
What computers are at risk?
If you have an Apple Macintosh computer which is running the current release of macOS High Sierra 10.13 or 10.13.1, you are at risk and need to apply this update ASAP. If you are still running macOS Sierra 10.12.6 or earlier, this update is not needed.
How do I check which version of macOS in on my computer?
Click on the ‘Apple’ icon menu (in the upper left corner of your computer), and select ‘About This Mac’. You should see a pop-up window which will list the operating system name and version (see below):
If your computer shows ‘macOS High Sierra Version 10.13 or 10.13.1’, click on the ‘Software Update…’ button in the lower-right of the pop-up. This will launch the Apple ‘App Store’ utility. Click on the ‘Updates’ menu and apply any needed updates. If the App Store shows ‘No Updates Available’, be sure to confirm that these 2 critical updates ‘MacOS 10.13.1 Update’ and ‘Security Update 2017-001’ are listed as being installed:
Please review the links below for further information and assistance
- Apple Security Update 2017-001
- Apple releases macOS High Sierra Security Updates
- Marshall University IT Service Desk
- Marshall University IT Information Security Team
Recent Phishing Attacks
Over the past several months, the Office of Information Technology has seen an influx of fraudulent “phishing” messages, many which appear urgent, and are designed to trick account holders into clicking a link (or in some cases, replying to an email) and providing a username and password.
In most cases, these emails have been sent from other Marshall University account holders who have already been victims of these fraudulent messages and thus have had their accounts compromised. Once an account is compromised, it is then being used by a cyber-criminal to distribute more phishing messages to other MUNet/Office365 account holders.
Since the messages are coming from @marshall.edu or @live.marshall.edu addresses, the recipient is more likely to trust the sender and be tricked into clicking a link and logging in to what they think is a legitimate web page. Many of these web pages are designed to look like authentic Marshall University, Microsoft, or financial institution login pages, but are actually capturing credentials.
Prevention and Education
The IT department is doing their best to catch compromised accounts before more phishing messages can be distributed, however, the best way to protect yourself and others is to use caution when checking your email.
ALWAYS be suspicious of any unexpected email messages, regardless of the source, which include file attachments, web URLs, or are written with a sense of urgency and require you to provide credentials or other personal information.
Below are a few examples of recent phishing messages. Notice that each includes hyperlinked text which, when the mouse is hovered over, reveals a web address that is NOT a marshall.edu or microsoft.com address. Also, these messages have a sense of urgency and ask that the recipient verify information. Marshall University will never send you unsolicited email asking you to verify your password or personal information, nor will any other trusted organization.
If You Receive A Fraudulent Email
- (Optional) Report a suspicious email sent to your @marshall.edu or @live.marshall.edu email address by forwarding the message to email@example.com. YOu will receive an auto-reply confirming receipt of the message as well as additional instructions.
- Delete the message from your inbox
- As long as you did not attempt to open the attachment, reply/click on the web link, or provide any personal information, no additional action is needed; however…
- If you attempted to open an attachment or visited a website where you submitted your username, password or other sensitive information, you should immediately contact the Marshall IT Service Desk at (304)-696-3200 / firstname.lastname@example.org.
Protecting Yourself From Email Fraud(AKA Phishing)
InfoSec Tips #7: Don’t Be Tricked
Marshall faculty, students, and staff have seen a recent upswing in the number of phishing emails received recently. Brooke Griffin, reporter for The Parthenon, recently interviewed IT staff. Read the article here.
On Tuesday, October 17th, and Thursday, October 19th, from 11a.m.-1p.m. each day, Marshall University’s Information Technology (IT) division will be hosting the Hackers for Charity student group for a National Cyber Security Awareness Month (NCSAM) table in the lobby of the first floor of the Drinko Library and Information Center. These students will share practical tips on how to improve your personal information security and avoid online threats.
As technology continues to become a large part of our professional and personal lives, it is important to be educated in how to keep private information secure. We are eager to share with you the resources Marshall University has to not only provide information on the importance of cybersecurity but demonstrate the steps you can take to become more cyber secure in your everyday life. Additional information regarding weekly topics and resources can be found at www.marshall.edu/it/ncscam/topics
For the month of October, MUIT’s Instagram and Twitter will be posting weekly tips on cybersecurity, follow the hashtag #CyberAware and follow us @MarshallU_IT.
For more information about NCSAM, visit www.staysafeonline.org/ncsam.
Marshall University Information Technology Contact: Crystal Stewart
-Kristin Salustro, MUIT Marketing Intern