Blog from February, 2016

Phishing Scams and Email Security Announcement
Former user (Deleted) posted on Feb 24, 2016
Fairfield University

If you are unable to see the message below, click here to view.

February 24, 2016

In an effort to bolster technology security efforts at Fairfield University, new policies, procedures and safeguards will be introduced over the next few months to ensure we keep our systems and data safe. In light of recent responses to phishing attacks, we will be implementing limits on individual email accounts effective today.

Individual email accounts will be limited to sending emails to 100 external recipients. Student (@student.fairfield.edu) email accounts are considered external.

Phishing scams happen regularly to businesses and academic institutions, in-fact here at Fairfield we block over 1,000,000 threat emails weekly. Recently, a phishing scam resulted in 7 employees clicking on a link and providing personal information that resulted in giving scammers access to their fairfield.edu email account. This triggered an additional 157,000 phishing emails from those email accounts on the users behalf, resulting in the fairfield.edu domain name getting blocked by all Microsoft providers (Outlook, Hotmail, Live, and more) on a temporary basis. Having our domain blocked for any period of time causes a significant barrier to conducting business and communicating with students, alumni, vendors and the daily correspondence we all have. And last night, an additional scam resulted in 35,000 emails being sent from our domain. It is important we put protocols in place to minimize the risk of this happening again and that we comply with the CAN-SPAM Act in accordance to federal law.

If you have a business need to send emails to more recipients than listed above, please contact Marketing at x3479 to use a secure, approved communication channel.

When the above limit is exceeded, you will be blocked from sending external mail for one hour. You will continue to receive incoming email. The block will be removed automatically.

Thank you for your patience as we align our security efforts with best practice.

Click here for additional information the process to send email to students for academic purposes.

Coming Soon – Tech security training sessions – online and in-person.

 

Fairfield University  |  1073 North Benson Road, Fairfield, Connecticut 06824  |  (203) 254-4000

Locky Ransomware
Former user (Deleted) posted on Feb 22, 2016

The Locky ransomware, a piece of malware which encrypts a user’s local data until they submit to the authors’ extortion request, has been in the news since it hit the internet around February 16th.

A number of emails distributing the Locky software were sent to Fairfield, but our email security appliance blocked the delivery.  Our Palo Alto devices also have the ability to block Locky malware that makes it past the email appliance.

Fairfield University community members who are not onsite or who are onsite using 3rd party emails whose encryption blocks the Palo Alto scanning will need to rely on their local anti-virus installed and recognize suspicious emails to avoid infection.  The malware is distributed in an email that reading “Attn: Invoice J-<series of numbers>” and will usually be from an unknown sender.  

If you receive an email with the above subject or any other suspicious email from an unknown sender, please delete the email.

@Fairfield.edu Emails Blocked by Microsoft (Resolved)
Former user (Deleted) posted on Feb 01, 2016

Microsoft has officially unblocked the University. You should be able to send to any of the below email addresses. Thank you for your patience.

Members of our community with @fairfield.edu email accounts are currently unable to email addresses provided by Microsoft. These email addresses include:

  1. @hotmail.com
  2. @live.com
  3. @msn.com
  4. @outlook.com.

This is due to many members of our community following malicious links in phishing emails last week which resulted in their email accounts becoming part of the phishing scam – Microsoft blocked our domain because of this.

We will keep you informed as the situation develops.