Cybersecurity

ALERT: Phishing attempts

By June 29th 2022

Reports of phishing attempts were brought to the attention of LITS today by several in the Allegheny community. The message includes a link that appeared to be going to Allegheny’s Web Help Desk, but actually directs the user to a malicious page.

This is a good reminder to be cautious when receiving unexpected emails.

If you get a message you think is phishing/spam:

  1. Do not click on links in the email or reply to the email.
  2. If you know the sender, reach out to the sender by other means (for example, via chat or phone, or in person) to confirm whether they did legitimately send the message.
  3. If you don’t recognize the sender, be especially cautious before taking any action.
  4. Report it as spam/phishing in Gmail.

Please do not hesitate to contact the InfoDesk at infodesk@allegheny.edu to report phishing attempts or obtain more information.

LITS always encourages safe account practices and would encourage you to visit the LITS website to change your password if you ever feel that your account credentials have been compromised.  In addition, 2-step verification provides an added layer of protection against this possibility.

Tech Tip Tuesday: Safety Check in Google Chrome

By April 12th 2022

Google Chrome now has a feature called “Safety check”, which can help make sure your browser and passwords are as secure as possible. To access the Safety check:

  1. At the top right, click More  Settings.
  2. Click Privacy and Security .
  3. Under Safety check click Check now.

The results will give you information on whether Chrome is up to date, if you have any saved passwords that you might want to double-check, whether standard or enhanced browsing protection is enabled, how well protected your browser is from potentially harmful extensions, and whether Chrome can detect any harmful software on your device.

Screenshot of sample Safety check results in Google Chrome

Subscribe to get LITS News and Updates in your inbox.

KnowBe4 Training Email

By April 4th 2022

This morning, many Allegheny employees received an email notifying them that they have been added to training for a service called KnowBe4.

KnowBe4 is a service that LITS has adopted to give employees a tool to manage occasional spam and phishing attacks right from your Gmail inbox.

The email, sent from <do-not-reply@training.knowbe4.com>, is legitimate. However, this email was not intended to go out to employees just yet. Clicking on the link in the email for the training portal will give users a notice that it has not been configured yet.

For now, please disregard the email as LITS works on configuring KnowBe4 Training for campus employees.

For questions, please reach out to the InfoDesk.

Subscribe to get LITS News and Updates in your inbox.

Tech Tip Tuesday: Account Security Reminders

By February 22nd 2022

As students return for Spring semester, LITS reminds everyone to practice safe computing on campus and off. Here are some tips on how to keep your computer and your Allegheny Account safe:

If you’d like to learn more, Popular Science provides a guide to better online security in 2022. You can also check whether your phone number or email address has been included in any known data breaches at the website Have I Been Pwned?

If you have questions about the security of your computer or your Allegheny account, we encourage you to reach out to the InfoDesk.

Subscribe to get LITS News and Updates in your inbox.

Tech Tip Tuesday: See Devices That Have Used Your Google Account

By February 8th 2022

What devices have you used for logging into your Allegheny College Google account? Many people use only their work desktop, and maybe their phone. Others may use multiple devices in a number of different locations.

By visiting google.com/devices, you can see computers, smartphones, tablets, and other devices that are using or have recently used your Google account. We recommend checking this every now and then to ensure that no one else has access to your Google account.

See the original Google Account Help article for more information, including how to:

  • Manage devices currently accessing or have previously accessed your account.
  • Sign out of devices you no longer use
  • Secure your account if you see an unfamiliar device

If you see a device you don’t recognize, LITS recommends that you change your Allegheny account password.

Learn more about Google accounts.

Subscribe to get LITS News and Updates in your inbox.

Tech Tip Tuesday: Focus Time in Google Calendar

By February 1st 2022

Do you need more time to focus on a specific task? You might already be practicing a time management technique known as focus time — planning blocks of uninterrupted time to focus without distractions. Google Calendar has added the option to schedule focus time and build it right into your daily calendar.

To schedule focus time, simply create a new event. Along with the established types of event, such as “Task” or “Appointment slots”, you’ll see the option now for “Focus Time”.

Screenshot of the event creation dialog box in Gmail, with "Focus Time" highlighted

If you set the visibility of the event to “Private”, others who can view your calendar will only see that block of time as “Busy”.

Screenshot of the event visibility dialog from Google Calendar, with "Private" selected

Learn more about using Google Calendar.

Subscribe to get LITS News and Updates in your inbox.

ALERT: Phishing

By December 16th 2021

Reports of phishing attempts were brought to the attention of LITS by several in the Allegheny community. The message claimed to be coming from a member of LITS, asking for cell phone numbers.

This is a good reminder to be cautious when receiving unexpected emails.

If you get a message you think is phishing/spam:

  1. Do not click on links in the email or reply to the email.
  2. Reach out to the sender by other means (for example, via chat or phone, or in person) to confirm whether they did legitimately send the message.
  3. Report it as spam/phishing in Gmail.

Please do not hesitate to contact the InfoDesk at infodesk@allegheny.edu to report phishing attempts or obtain more information.

LITS always encourages safe account practices and would encourage you to visit the LITS website to change your password if you ever feel that your account credentials have been compromised.  In addition, 2-step verification provides an added layer of protection against this possibility.

Amazon Web Services Outage 12/7/2021

By December 8th 2021

On Tuesday, December 7, Amazon Web Services encountered a serious disruption that caused outages in many systems worldwide. A number of online services used by Allegheny College were affected, including Canvas, RefWorks, the GET food app, and other services.

As of 4:35  p.m. PST Tuesday afternoon (7:35 p.m. locally), Amazon Web Services reported that the issue had been resolved. LITS will continue to monitor the situation and will provide updates if needed. We thank those in the campus community who alerted LITS to issues they encountered.

If you encounter issues with any of the college’s online services, please open a Web Help Desk ticket. If you have questions, please reach out to the InfoDesk at infodesk@allegheny.edu or call the InfoDesk at 814-332-3768.

Subscribe to get LITS News and Updates in your inbox.

Security Update Applied to Google Drive

By July 28th 2021

Link Sharing Security Update from Google July 2021

Google is sending an email to a number of campus members starting Monday July 26, 2021. To see what that email will look like, there is a screenshot below. Note – the message will be similar to the screenshot; it may not be an exact match.

Screenshot of an email message from Google with the heading "Security update will be applied to Drive"

Why is this occurring?

Google is applying a security update to certain folders and files. Which folders and files?

  • This will only be applied to folders/files uploaded to Google Drive from November 2017 and previous months/years (ex: content from 2016, 2015…)
  • Non-native Google documents (ex: Word document, pdf…)

Please note that for every folder/file of yours in the list, the link will be updated as part of this security update. This means the link will change.

What is the change?

If you shared a file by changing the link sharing on the file from restricted to either anyone at Allegheny College or anyone on the web, people who may have viewed the file in the past will still have access, but anyone who has not previously accessed the file will no longer have access.  

For folders or files used in websites, see the – “What else should I know” question below. 

When will this be applied?

The email will come out the week of July 26. If you do not get an email, none of your content will be impacted. There are plenty of people who came to Allegheny after November 2017 and, thus, have no content in Google Drive prior to November 2017. It is an okay thing to not receive the email.

Google will apply the changes to the folders/files in your list starting September 13, 2021 and will complete the updates by September 30, 2021. Your content may be updated at any time during this timeframe. You will not receive any notice that the change occurred nor will you notice the new security update. But please note that the links will be changed. 

What can I do between now and Sept 13?

If you review your list of folders and files and see a file or two that you would like to update now to avoid possible issues later, you can easily copy the file which will create a new link. You can then distribute the new link and/or update a website to point to the new link. 

We would suggest renaming the old version of the document (or deleting it–your choice).

What should I do with this email?

You can review what folders/files will be updated by opening the document from the link in the email that Google sends you. There is no need for you to do anything with these folders and files at this time, but you can (see “What else should I know” below). The email is just an update for an upcoming change. 

We suggest you save this email, and possibly star the message in order to reference it again in September or later this year. 

What will the security update do to the links for my folders and files?

The security update will change the link to a new link. No content will be changed. 

What else should I know?

If in September or later this year, you start receiving email updates for people to access the folders/files impacted, more than what you may typically get for a folder or file, you should re-share the new link to those you want to have access to the folder or file. 

If the folder or file is located on a website, you would need to update the website to use the new link.

Google Outage Update

By December 15th 2020

Google released the following statement about the outage on Monday, December 14th, 2020:

“Google Cloud Platform and Google Workspace experienced a global outage affecting all services which require Google account authentication for a duration of 50 minutes. The root cause was an issue in our automated quota management system which reduced capacity for Google’s central identity management system, causing it to return errors globally. As a result, we couldn’t verify that user requests were authenticated and served errors to our users. …We will publish an analysis of this incident once we have completed our internal investigation.”

In light of recent prominent events related to cybersecurity, LITS would like to assure the Allegheny College community that the Google outage was not a security incident but rather an internal problem at Google.