tvsderfv

Petya Ransomware Cyber Attack

Who

University email users

What

There is a massive global Cyber-attack where networks are being infected with a pervasive new version of RansomWare known as Petya. It is spreading rapidly through Windows computer networks; targeting hospitals, governments, corporations and Universities. 

The Information Technology (IT) Department has taken steps to reduce JWU’s exposure to this Cyber Attack through various security measures and tools. However, all the technical security tools and security implementations are not enough. University network users must be vigilant and use caution when using network resources. A manner in which this malware is spread onto a network is through phishing emails with hypertext links or attachments. Once on your computer the virus will spread, encrypting most or even all of the files on a user’s computer and the network as a whole. Then, the software demands that a ransom be paid in order to have the files decrypted.

Many reports suggest that screens around the world are getting this message, indicating a ransomware attack is to blame.

 

Next Steps

Think before you click. Be careful around suspicious-looking emails. Many hacking attempts, including malware infections, come through links or attachments sent over email. If you suspect a phishing email, please delete the email message from your Inbox, and then empty it from the deleted items folder to avoid accidentally accessing the targeted websites. Always delete these messages and do not respond to them.

Basic protection measures: 

  • Check email sender - Verify the message is legitimate. Do not rely solely on trust by virtue of relationship, bank, friend or family member may be a victim of spammers as well.
  • Check Message content - If your bank or a friend claims that they have received something from you, try to go to your recently sent items to double-check their claim.
  • Refrain from clicking links and attachments in email - Clicking on links in email should be avoided. It is safer to visit any site mentioned in email directly.

To Do: If you have responded to these types of fraudulent email messages, please notify the University Help Desk and IT will send you a follow-up email with instructions on how to proceed. And, always reset your password immediately at https://prm.jwu.edu/QPM/User/Identification.

Google Email Scam: " Deb Weinreich has shared a document on Google Docs with you."

Who

University email users

What

This is a phishing attack ongoing for Google email accounts sent through an email address at “hhhhhhhhhhhhhhhh@mailinator.com.”. The phishing emails invite the recipient to open what appears to be a Google Doc, that says, “Open in Docs.”

If you click on the link you are providing access your Gmail account. Users are being sent a link stating that someone has granted them access to a file. Clicking on the link executes a worm to access the account. Once it has this access it harvests your contact list and emails people on it with more phishing emails. 

What To Do

If you have clicked on the phishing link and granted permissions, you can remove permissions for the fraudulent "Google Docs" app from your Google account. Here’s how you can remove permissions:

  1. Go to your Gmail accounts permissions settings at https://myaccount.google.com and Sign-in.
  2. Go to Security and Connected Apps.
  3. Search for "Google Docs" from the list of connected apps and Remove it. It's not the real Google Docs. 

Next Steps

Think before you click. Be careful around suspicious-looking emails. Many hacking attempts, including malware infections, come through links or attachments sent over email. If you have a question regarding the validity of an email you receive please contact JWU IT.