Security Spotlight: Digital Spring Cleaning

After a long winter, spring is finally here! Consider taking a few minutes to spring clean your digital life:

▪ Online Accounts: Your online accounts like email, social networks, organizations, shopping websites, cloud storage, etc. can collect clutter. Take a few moments to remove/close unneeded accounts. Make sure to use unique and secure passwords for each account.
▪ Email Accounts: Review, archive, file and delete unnecessary emails. We also recommend that you empty your trash folder and unsubscribe from recurring emails that no longer interest you.
▪ Social Media: It is a good idea to periodically review your security settings and connections.
▪ Devices: Smartphones, tablets, laptops and computers make our lives so much easier. Consider removing unused apps and clearing out any downloads you aren’t using anymore. Make sure your device requires a password, PIN, or fingerprint to log in.
▪ Web Browser Settings: Many browsers can store your passwords or autofill settings. Take a few minutes to check your browser settings, clear out old data, and ensure your browser’s security settings are still keeping you safe.

April cybersecurity newsletter: Digital Spring Cleaning. University of Nebraska Omaha. (2018, January 23). Retrieved April 22, 2022, from https://www.unomaha.edu/news/2017/04/april-cybersecurity-newsletter.php

Security Spotlight: Tax Season Scams

As the tax season nears, we would like to remind everyone to stay vigilant and to protect your personal and financial information.

The IRS offers the following guidance to identify and avoid scams:

  • Text message scams: Text message phishing—also called “smishing”—occurs when scam artists use deceptive text messages to lure consumers into providing their personal or financial information. During tax season, scams are sent to taxpayers’ smartphones and have referenced COVID-19 and/or “stimulus payments.” These messages often contain bogus links. The IRS does not use text messages to discuss personal tax issues.
  • Email phishing scams: Email phishing scams use fake websites constructed to look identical to real sites. The IRS does not initiate contact with taxpayers by email to request personal or financial information. The IRS initiates most contacts through regular mail delivered by the United States Postal Service.
  • Phone scams: Criminals can fake or “spoof” caller ID numbers to appear to be anywhere in the country, including from an IRS office.
    The IRS does not leave pre-recorded, urgent or threatening messages. In many variations of the phone scam, victims are told if they do not call back, a warrant will be issued for their arrest.

Adapted from “IRS Warning: Scammers Work Year-Round; Stay Vigilant | Internal Revenue Service.” Www.irs.gov, Internal Revenue Service, 1 Feb. 2022, www.irs.gov/newsroom/irs-warning-scammers-work-year-round-stay-vigilant. Accessed 11 Feb. 2022.

Security Vulnerability: Update to the latest version of Zoom on your devices

Zoom has announced a security update for the Zoom client on all major devices (Mac, PC, iPhone, Android, etc.). The latest version of the Zoom software (version 5.8.6, released on November 28, 2021) patches a vulnerability.

We recommend that all Zoom users check for a software update anywhere Zoom is installed. Any client below 5.8.4 must be upgraded.

How To Update Zoom

Zoom provides a pop-up notification when there is a new mandatory or optional update within 24 hours of logging in.
If you already have the Zoom desktop client installed:
* Sign in to the Zoom desktop client (type Zoom in the Search bar on a PC, and Launchpad or Finder>Applications on a Mac)
* Click your profile picture
* Click Check for Updates
* Follow the prompts to complete the update

On a mobile device, check the app store for updates.

Duo Mobile App: New Update

Duo Security, the University’s two-factor authentication provider, has recently updated the user interface for the mobile app for Android and iOS. Depending on your device settings, your mobile app will automatically update or you will need to manually initiate the update.

What is different?

People who are already using Duo’s mobile app will notice a new look and feel. Other notable differences include:

  • Approve Button Moved to the Right: In the new version (4.0.0) the approve checkmark button will be on the right.
  • Hidden Passcode: the passcode will be hidden until you click “show.” This change is intended to improve information security by enabling you to make sure that your mobile device screen cannot be seen by others when the passcode appears.

New Phone?

Two Step Duo functionality will not automatically transfer to your new phone, so you need to re-enroll your new device. To re-enroll your new device (with the same phone number), visit duo.scranton.edu.

Phishing and Spam Reminder

With the start of the new school year, malicious actors have been busy, leading to a rise in phishing and spamming attempts. By default, the University email system directs emails identified as spam to the junk mail folder. As such, we ask that you remain cautious when opening emails in this folder.

Here are two examples of recent phishing attempts that have occurred at the University:

Example 1:

This example starts out asking for a cell phone number, then quickly progresses to the ‘get me some gift cards’ scam. If you are unsure, verify the request before providing any information.

Example 2:

The following phish is crafted to look legitimate, with the exception that the Technology Support Center would never send out a notice threatening deactivation of any account without additional context. This phish is an attempt to steal user login credentials. If the user clicked ‘Click Here’, they would be redirected to a page to enter login credentials, which would then be used by the malicious actor to attempt to gain access to University systems. Again, if in doubt, please verify a request before providing any information.

Cylance Endpoint Detection Rollout Update

The University of Scranton’s Division of IT is currently deploying Cylance Endpoint Detection and Response (EDR) to all University laptops and desktops. As of this writing, Cylance EDR has been deployed to 417 Windows and 23 Mac endpoints. Over 21 million files have been scanned and 61 files have been quarantined as threats. In addition, over 500 alerts have been generated regarding suspect endpoint behavior, with the majority being low severity.

Deployment to Staff endpoints began in January and will continue over the next several months. Installation of Faculty endpoints will begin after the end of the spring semester.

Cylance EDR is an AI-driven platform that strengthens, automates and streamlines overall endpoint security. Cylance’s EDR capabilities allow us to protect assets from modern cyber and malware attacks. It detects and mitigates highly advanced security threats as they emerge in real-time.

If you have any questions, please contact the Technology Support Center at 570-941-4357 or techsupport@scranton.edu

Eduroam Provides Internet Access to Students, Faculty and Staff

The University of Scranton has joined eduroam, an international roaming service that provides all students, researchers, faculty and staff with secure, easy-to-use network/internet connectivity across member institutions.

Who can use the eduroam network?

Anyone from a participating higher-ed institution. This facilitates network access and productivity for visiting faculty, students and staff while away from their home institution, without any additional configuration to their computers or mobile devices. In addition, University of Scranton faculty, students and staff will be able to get the same internet connectivity when they travel to any other participating institutions.

How do I use eduroam?

  1. Connect to the “eduroam” WiFi network
  2. Once selected, click “Connect”
  3. Enter your University Email (or Royal ID number) and Password.
  4. Click “OK” (you may be asked to approve/trust a certificate)
  5. When successfully connected you will see eduroam listed in the wireless network list as “Connected, secured”

Improved Guest Wireless Internet Access

The guest wireless network ROYALGUEST was updated last May to provide campus guests with an improved 24-hour wireless internet connection while visiting our campus. Guests will now be required to create an account to access our wireless service. Step-by-step instructions can be found at scranton.edu/guestwireless.

GlobalProtect to be Deployed to Faculty and Staff Windows 10 Computers

Starting on Thursday, August 27, Information Technology will deploy GlobalProtect to all faculty and staff Windows 10 computers. GlobalProtect is the University’s Virtual Private Network (VPN) solution for access to on-campus network resources when you are off campus.

Some of the benefits include:

  • Off-Campus access to your G: and H: drives
  • Allows communication between Microsoft Windows and Office to renew licenses
  • Continues monthly Windows and Office updates, as well as anti-virus software updates
  • Some instructional software must communicate with a server on-campus to check out a license to verify your right to use

If you are logged on at the time of installation, you will receive an alert via the Quest KACE Systems Management Appliance (KBOX), similar to what is pictured below. Please exit all open applications and click Finish. Although you are not required to restart your computer after the installation is complete, we suggest that you do.

After GlobalProtect installs, it prompts for your R# credentials in the lower right corner of the screen. Enter your username and password and click Sign In.

After you sign in, GlobalProtect notifies you of its status (see below).


Click anywhere on the screen to dismiss the notice. GlobalProtect does not provide any network services while you are connected to the campus network, wired or wireless.

If you are connected to any other network providing Internet access, GlobalProtect provides network services and the status is reported as you see below. Note the change in the overlay and wording.

Although it may be hidden, the icon below indicates that GlobalProtect is running and you have signed in.

In the following example, the icon is grey, which indicates that GlobalProtect is running and you have not signed in.

If the icon is spinning and looks like you see below, GlobalProtect is running and trying to connect.

If you don’t sign in, you will see an alert in the lower right corner of the screen each time you log on to Windows.

GlobalProtect may also be installed unobtrusively when you are not logged on to Windows. You will see the sign in alert the next time you log on.

If you are not connected to the Internet at all and you have not signed in to GlobalProtect when you log on, you will see the following:

Connect to the Internet and click OK to confirm the Portal Address (which should be gp.scranton.edu) and sign in.

Should you be signed out for some reason, the alert to sign in appears in the middle of the screen and not in the lower right corner.

Please note the following:

  • GlobalProtect is only for use on University-owned computers. You cannot have it installed on your personally owned work-from-home computer.
  • Once installed and signed in, GlobalProtect works in the background. You should not have to sign in every day.
  • If you use Pulse Secure, you cannot be signed in to GlobalProtect and Pulse Secure at the same time.

Securely Sharing Files with Restricted Data

Although email is a useful and necessary means of communicating, it is not necessarily the most secure method for sharing important or sensitive documents. For example, an email does not simply go from the sender to the recipient instantaneously. Most emails have to travel across multiple networks and servers before arriving in their intended audience’s inbox. These pause points expose emails to attack, usually due to unsecured networks, vulnerable servers, and the people savvy enough to hack them.

The Division of Information Technology recommends that you share specific documents or entire folders using OneDrive (and/or SharePoint). You can review and edit permissions at any time.

Click here to view entire recommendation and step-by-step instructions.