http://alerts.its.psu.edu/service-c The Information Technology Services (ITS) Alerts System is a rapid-delivery method used to distribute timely information on major ITS services, unexpected outages, and maintenance schedules to the Penn State community. en-us Copyright 2009 The Pennsylvania State UniversityTue, 24 Nov 2009 17:34:40 -0500 http://alerts.its.psu.edu/alert-1209
From: Mail System Internal Data MAILER-DAEMON@tr26n18.aset.psu.edu
Subject: DON'T DELETE THIS MESSAGE -- FOLDER INTERNAL DATA
Message-ID: 1251130598@tr26n18.aset.psu.edu
Status: RO
X-UID: 15707

This text is part of the internal format of your mail folder, and is not
a real message. It is created automatically by the mail system software.
If deleted, important folder data will be lost, and it will be re-created
with the data reset to initial values.

ITS is working on a solution to stop this from happening. It is ok for the user to delete this message at this time. When we have working solution in place, we will update this alert.]]> Mon, 24 Aug 2009 14:23:17 EST http://alerts.its.psu.edu/alert-1102 so that any e-mail being sent directly to email.psu.edu and mail.psu.edu from sources outside of Penn State will be scored/filtered as spam. This recent update to scoring/filtering methods marks Penn State's continued effort to modify server-level spam filters in response to spammers finding new ways to infiltrate users' inboxes. Overall, users should now be noticing a significant decrease in the amount of spam.

As a reminder, colleagues, friends, and family of Penn State faculty,staff, and students should be directed to properly address e-mail messages to xyz5000@psu.edu rather than to xyz5000@email.psu.edu or xyz5000@mail.psu.edu. For more information about address formatting,please visit the e-mail section of the ITS Knowledge Base (KB) at http://kb.its.psu.edu/topics/email.

In addition to the anti-spam methods employed by the University, users are strongly encouraged to configure their respective e-mail clients for the Penn State spam filter, X-PSU-Spam-Flag. Instructions are found in the ITS KB at http://kb.its.psu.edu/psu-all/hd/spamflag/.

For more information the University's efforts to combat spam, please visit the ITS Knowledge Base (KB) at
http://kb.its.psu.edu/psu-all/hd/IP-address-blocking-determination/. General inquiries and requests for assistance should be directed to ITS
Help Desk staff at helpdesk@psu.edu. ]]> Mon, 04 May 2009 13:36:11 EST http://alerts.its.psu.edu/alert-835
A new variant of a phishing scam targeting Penn State users in an effort to convince them to give away their password was circulating on September 7 and the morning of September 8.

This new variant appeared to come from "PSU.edu Admin", and the message begins with a warning about a PHISHING ALERT. Unlike previous targeted phishing messages, this one does not ask for an e-mail reply with the user's password, but includes a web link to a phony Internet page which is designed to exactly mimic Penn State's WebAccess login page.

Several Penn State users have been reported to have found the phony web page credible enough to have logged in with their Penn State access account ID and password. Those users are advised to go to the real Penn State access account management page and change their password:
https://www.work.psu.edu/apps/work/work.php

Internet access to the phony web site was blocked during the morning. However, users should be alerted that the scam is likely to be repeated using a different Internet address as long as users continue to fall for the scam.]]> Mon, 30 Mar 2009 12:56:41 EST http://alerts.its.psu.edu/alert-1076
Both have links in the message body which takes one to a web page which exactly mimics Penn State’s WebAccess login page. This is NOT the real WebAccess page, and any user who enters their userID and password will compromise their Penn State access account.

Penn State users are asked to be vigilant to any further variation on the fake WebAccess phishing, and to delete any such e-mail they may receive.]]> Mon, 30 Mar 2009 12:43:02 EST http://alerts.its.psu.edu/alert-1028 year. According to reports, some attractive housing listings list a Gmail address as the only contact information. When inquiring about the property, the automatic e-mail reply will request that the interested party complete some form of credit check, including personal information or the means to access personal information. Some may have a false rental agency Web site backing up the e-mail reply. Again, this appears to be a phishing scam, and should be avoided.]]> Thu, 12 Feb 2009 07:42:42 EST http://alerts.its.psu.edu/alert-989 Fri, 16 Jan 2009 06:07:52 EST http://alerts.its.psu.edu/alert-935
Following initial execution of the payload, in addition to initiating processes for spreading itself, a backdoor is opened, allowing remote control and the probability for additional downloading of other malware. Infected Windows computers should be formatted and rebuilt, removable drives attached during the infection period should be formatted as well, and the user should change any passwords used during that period of time from an uncompromised host.

A brief Trend Micro write-up:
http://blog.trendmicro.com/bogus-mcdonalds-coca-cola-promos-used-as-worm-carriers/]]> Thu, 04 Dec 2008 08:38:27 EST http://alerts.its.psu.edu/alert-786
One version of these messages states that it's from the "webmail messaging center" and that the University is upgrading Penn State WebMail, so recipients should "upgrade their user accounts." It also requests that recipients "provide their User Name, Password, and Date of Birth within seven working days, or risk losing their accounts."

These e-mails did not come from Penn State and are a phishing scam. Do not respond to these e-mails. If you receive an e-mail similar to what is described above, do not provide any of the requested information and delete the message immediately. Penn State Information Technology Services (ITS) urges students, faculty, and staff not to give their passwords to anyone, under any circumstances. Your password is an essential part of your Penn State "digital identity" and must always be kept as secure as possible. In addition, the University (and other official organizations) will never require you to provide sensitive information such as passwords, credit card numbers, or social security information via e-mail.

Students, faculty, and staff can learn more about phishing scams and other computer security dangers at Penn State's Take Control Web site (http://its.psu.edu/takecontrol/phishing.php). Phishing scams are perpetrated by criminals, who use fraudulent e-mails or fake Web sites to seek sensitive or personal information, such as passwords, credit card account information, and social security numbers for illegal interests. Other universities report the same type of targeted phishing scams being sent to recipients in their own communities.

For additional tips on how to recognize and avoid phishing scams, visit:
http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt127.pdf

ITS reminds the University community to use caution when responding to all forms of e-mail. Students with questions or concerns about e-mail they receive should contact the ITS Help Desk at helpdesk@psu.edu. ]]> Mon, 28 Jul 2008 15:30:09 EST