Apr 152013
 

Do you know what to do if your ECU computer is stolen? What if you actually respond to a phishing email? These two scenarios and more are termed a security incident, and it’s important to report them to the IT Help Desk.*

The term, security incident, is any computer, network or paper-based activity which could result in misuse, damage, denial of service, compromise of integrity or loss of confidentiality of the ECU network, your computer (which is connected to the ECU network) and data (paper or digital).

Threats, misrepresentations of identity or harassment of or by individuals using these resources can also result from a security incident.

It is important that all incidents, whether benign and accidental or malicious and deliberate, be reported so that appropriate resolution is undertaken with the least data loss or compromise.

Security incidents you are required to report include, but are not limited to, the following:

  • Lost or stolen computer or smart device
  • Lost or stolen files containing sensitive information
  • Unauthorized access to sensitive information
  • Unauthorized access to your computer
  • Compromise of your ECU user account passphrase
  • Compromise of your personal computer
  • Unauthorized use of your user account
  • Unauthorized access to your locked office or files
  • Unusual activities on your computer or network
  • Unauthorized scans of your computer or the network
  • Accidental disclosure of personally identifiable or sensitive information in response to a phishing scheme
  • Virus, worm or Trojan horse activity on your computer
  • Disclosure of sensitive data, including paper disclosure, email release or inadvertent posting of data on a website
  • Suspected information technology policy violation

To report any security incident, call the IT Help Desk 252.328.9866 or 800.340.7081. If you’re unsure whether or not an activity is a security incident, call the IT Help Desk who can help make a determination.


*Do not call the IT Help Desk if you receive a threat to yourself or others. Report any threats to yourself or others to the appropriate law enforcement agency.

 

Jan 092013
 

As the semester begins, ITCS reminds the campus community to avoid mobile phone and email scams, hoaxes and phishing schemes circulating on the Internet. NEVER provide your passphrase or other personally identifiable information* in response to these bogus inquiries.

Although the IronPort spam filter blocks most scam messages from reaching your email, you may receive an occasional hoax email or a fake text message.

A few recent examples include emails from:

  • East Carolina University
  • Service Helpdesk
  • ECU IT
  • ECU Helpdesk
  • Web Master
  • Webmail
  • IRS
  • Any financial institution

If you do receive a phishing message, here’s what to do:

  • NEVER provide personal or sensitive information* in response to any unsolicited email or text message
  • DO NOT open unsolicited email attachments no matter how realistic or enticing the message. You must remain vigilant in not responding to an email or phone hoax or scam
  • NEVER deposit a check sent to you as a result of an email or phone message. Just delete it!

If you receive a message and feel unsure about what to do, contact the IT Help Desk – 252.328.9866/1.800.340.7081.

ITCS will always post legitimate announcements at http://help.ecu.edu. Users can go there to verify the authenticity of an IT-related announcement.

If you have provided personal or sensitive information* in response to an email scam and don’t know what to do, please contact ECU’s IT Help Desk at 328.9866/1.800.340.7081 or http://help.ecu.edu. If you believe you have fallen victim to a criminal scam, please contact the ECU Police Department or your local law enforcement office.

Visit the IT Security website, www.ecu.edu/itsecurity for examples of e-mail scams and additional information on avoiding them.

Nov 292012
 

Date: Monday, November 26, 2012

WARNING: Do Not Join the Collaborative Cloud Domain at Cloudworlds.org! This is a PHISHING Email SCAM.

Please ignore email messages inviting you to join ECU and other collaborative domains in Cloud Worlds by visiting their website at Cloudworlds.org.  The organization is espousing that  this is a private domain activated automatically on your behalf when you join the collaborative domain and can serve as your personal “Cloud Server” to archive, organize and manipulate resources (such as documents, notes, applications) remotely, as if they were on your PC.  It is yet another Email PHISHING Scam designed to gather your personal information.

NEVER provide personal or sensitive information in response to any unsolicited email. Don’t open unsolicited e-mail attachments. No matter how realistic or enticing the email message, you must remain vigilant in not responding to an email hoax or scam. Just delete it!

CLOUD Computing: This is another opportunity to educate the campus on avoiding the use of online collaborative cloud services on behalf of the university. ECU provides internal resources for collaborative networks such as SharePoint,  Pirate Drive, LYNC, YAMMER etc. Visit the ITCS website @ www.ecu.edu/itcs for additional information for collaborative options and the IT Security Tips page http://blog.ecu.edu/sites/securitytips/ for additional Cloud Computing tips.