Filtering in old.mail.msu.edu to be Discontinued May 11, 2009
04/21/2009
On Monday, May 11, 2009, filters that were set up in the legacy e-mail service, old.mail.msu.edu, will be discontinued.
• People using filters to forward e-mail from mail.msu.edu to another e-mail address need to set the forwarding option in mail.msu.edu before May 11, 2009, to forward e-mail to another e-mail address. For more information, please read knowledgebase article 11545 at help.msu.edu “Impending Elimination of old.mail.msu.edu Filtering.”
• People using an e-mail client such as Outlook, Eudora, Thunderbird, etc., that would like filters set up in their client should follow instructions listed under the help function within the e-mail client they use.
• For those using filters to automatically process incoming mail to folders and/or use the Web interface at mail.msu.edu, instructions listed at help.msu.edu, knowledge base article 11172 “How to I set up filters in the mail.msu.edu Web Interface?” should be followed.
For more information or assistance, please call the ATS Help Desk at (517) 432-6200 or contact your local IT support person.
New Phishing E-mail Distributed
04/14/2009
Michigan State University’s (MSU) e-mail service was recently the target of a “Phishing” attack. This is when a fraudulent e-mail is sent in an attempt to collect personal information from the recipient. In this instance, MSU students, faculty, and staff may have received an e-mail that claims Michigan State University had upgraded individual e-mail accounts and those people would need to reactivate their account. The messages appear to be from an MSU e-mail account “@msu.edu.” It asks users to reply with their user name and password. People should NOT RESPOND TO THIS E-MAIL.
The seriousness of phishing cannot be understated. This is an attempt to hijack e-mail accounts for potential criminal activity. If MSU students, faculty, or staff have responded and provided their user name and password as a result of this phishing attempt, they should change their password immediately and call the ATS Help Desk at (517) 432-6200.
Although MSU cannot prevent being targeted by a phishing attack, they are using all available resources to immediately notify those affected of the situation and mitigate any further risk. The e-mail addresses used to generate this attempt could have been gathered from publicly available places such as the MSU faculty/staff and student directories.
E-mail users should remember the ATS e-mail team at Michigan State University will never send an e-mail requesting personal information.
People should be suspicious anytime they are asked by e-mail for personal information, especially if they did not initiate the contact.
To learn more about phishing, read knowledge base article number 4194 at help.msu.edu.
Merit Joint Technical Staff Meeting Held at MSU, Tuesday, April 7, 2009
04/03/2009
On Tuesday, April 7, 2009, from 9:30 a.m. to 3:00 p.m. the Merit Joint Technical Staff (MJTS) meeting was held at the MSU Union. A full program of presentations and discussions about important topics in networking and technology is planned.
The agenda included speakers from Michigan State University, the University of Michigan, Central Michigan University, and Merit presenting on identity management, mobile device security, environment-friendly computing, and peer-to-peer issues. View the complete agenda at http://www.merit.edu/events/mjts/agenda.php?mjtsdate=20090407.
MJTS is open only to Merit Member organizations.
Registration is free.
Registration was taken in advance at http://www.merit.edu/depot/plan.epl
Computer Worm/Virus Still Active
04/02/2009
Microsoft Windows users need to be aware of a serious sleeper computer worm varyingly referred to as Conficker as well as Downadup, Downup, Win32, and Kido that continues to spread rapidly. Reports of this particular piece of malware first surfaced in mid-Fall 2008. Microsoft released patches shortly after first reports.
Popular computing media sites and antivirus software vendors are reporting a massive outbreak occurring due to the large number of Windows computers that have not yet downloaded and applied the requisite patch — specifically the update referred to in Microsoft Security Bulletin MS08-067.
While there are not reports of actual harm to data at this point, according to Microsoft, this malware disables several important system functions, including key services such as Windows Auto Update, Windows security products, and downloads of arbitrary files. After the infection occurs, the infected PCs also begin scanning their networks to attempt to hijack passwords.
The full potential for harm is not yet known, as this is a sleeper-type virus infection. However, it clearly potentially exposes infected PCs to later hijack, since it appears to allow remote code execution.
This infection spreads primarily when an infected machine is attached to a network. In addition, depending on the specific variant, this worm may also spread via removable drives such as USB flashdrives, and by exploiting weak passwords.
For more information including preventive and recovery steps users should take are available at help.msu.edu, knowledgebase article number 11931.
Terms to Know
Malware: software designed to infiltrate or damage a computer system without the owner’s informed consent. Malware includes computer viruses, worms, trojan horses, most rootkits, spyware, dishonest adware, and other malicious and unwanted software.
Virus: a computer program that can copy itself and infect a computer without permission or knowledge of the user.
Spyware: computer software installed surreptitiously on a personal computer to intercept or take partial control over the computer. Spyware can collect personal information, Internet surfing habit, sites visited, and can change computer settings resulting in slow connection speeds and loss of programs or Internet access.
