Locating Our Confidential Data
Identity Finder is being installed to help reduce our risk.
In an effort to try and detect confidential data on university-owned systems and reduce the risk that UMBC will be the source of a data breach, UMBC has worked with the university system to purchase a program called Identity Finder. Identity Finder is a program that runs in the background on computers and looks for information like SSNs and credit card numbers. The program will make a list of the files that contain this information, but will not modify or delete the files. Once we receive the lists of files that possibly contain confidential data, we will work with each machine's owner to determine how to best manage data.
We have been running the program, for almost a year, in the departments that process and store SSNs and credit cards as a standard part of their business. Starting this week, we are pushing the program out to all centrally managed UMBC machines. The software will be installed automatically on each system, through Active Directory, and members of the UMBC community should not need to do anything. If anyone sees an impact from the installation of Identity Finder or has any questions, they should contact the DoIT Technology Support Center at x53838.
Mark Cather
DoIT / UMBC
]]>
In an effort to try and detect confidential data on university-owned systems and reduce the risk that UMBC will be the source of a data breach, UMBC has worked with the university system to...
https://beta.my.umbc.edu/api/v0/pixel/news/52209/guest@my.umbc.edu/fb0acceac21cd8b2fc84c338f2d9b69d/api/pixel
security
Division of Information Technology (DoIT)
https://beta.my.umbc.edu/groups/doit
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xsmall.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/original.JPG?1727453227
https://assets1-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xxlarge.png?1727453227
https://assets3-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xlarge.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/large.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/medium.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/small.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xsmall.png?1727453227
https://assets4-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xxsmall.png?1727453227
Division of Information Technology (DoIT)
4
0
false
Tue, 09 Jun 2015 10:01:48 -0400
Sat, 26 Mar 2016 00:11:39 -0400
Recent Phishing Email Messages
How to Identify and Report Phishing Messages.
UMBC has recently been the target of an increasing number of phishing messages. These phishing messages appear to come from the UMBC Division of Information Technology or another university official, but they are actually coming from hackers. Over the last few weeks, we have received many reports of phishing messages asking for people to verify their UMBC account by providing their UMBC username and password. Messages have also been received asking for instructions related to wiring money to a bank account.
In almost all phishing messages, there are some typical clues that should cause us all to be suspicious:
- The messages look official but are not sent from a "umbc.edu" email address.
- Some of the messages list a copyright at the bottom.
- Some of the messages include the phrase "All Rights Reserved".
- The messages include a link to a web page that is not on a "umbc.edu" server.
- The message comes from a department that we do not have at UMBC or a person who does not work at UMBC. One of the recent messages claimed to be from the "Security Alert Office". UMBC does not have a department by that name.
All of these are signs of a message that is likely a phishing message.
One last big clue that a message is a suspicious phishing message is in content of the message. DoIT will NEVER ask for a person's username and password as a part of a legitimate support request. We do not need a person's username and password in order to provide assistance or verify an account.
If you do receive a message that you believe is a phishing message, there are a few things that you can do:
- Forward a copy of the message to security@umbc.edu. This will send the message directly to the DoIT IT Security Department. We will review the message and determine if any action is needed.
- Call the group that the message appears to come from on the phone and ask if the message is legitimate. In the case of messages that appear to come from DoIT, please contact the DoIT Technology Support Center at x53838.
If anyone has additional questions about phishing messages or any other computer security topic, please feel free to contact the UMBC IT Security Department at
security@umbc.edu.
Mark Cather
Chief Information Security Officer
Division of Information Technology / UMBC
]]>
UMBC has recently been the target of an increasing number of phishing messages. These phishing messages appear to come from the UMBC Division of Information Technology or another university...
https://beta.my.umbc.edu/api/v0/pixel/news/51604/guest@my.umbc.edu/281686a4ac072160edfe24fc20f270e5/api/pixel
itsecurity
security
Division of Information Technology (DoIT)
https://beta.my.umbc.edu/groups/doit
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xsmall.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/original.JPG?1727453227
https://assets1-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xxlarge.png?1727453227
https://assets3-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xlarge.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/large.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/medium.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/small.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xsmall.png?1727453227
https://assets4-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xxsmall.png?1727453227
Division of Information Technology
https://assets4-beta.my.umbc.edu/system/shared/thumbnails/news/000/051/604/9653d77d9d5a084b880262a75a3d0210/xxlarge.jpg?1430335389
https://assets1-beta.my.umbc.edu/system/shared/thumbnails/news/000/051/604/9653d77d9d5a084b880262a75a3d0210/xlarge.jpg?1430335389
https://assets1-beta.my.umbc.edu/system/shared/thumbnails/news/000/051/604/9653d77d9d5a084b880262a75a3d0210/large.jpg?1430335389
https://assets1-beta.my.umbc.edu/system/shared/thumbnails/news/000/051/604/9653d77d9d5a084b880262a75a3d0210/medium.jpg?1430335389
https://assets1-beta.my.umbc.edu/system/shared/thumbnails/news/000/051/604/9653d77d9d5a084b880262a75a3d0210/small.jpg?1430335389
https://assets3-beta.my.umbc.edu/system/shared/thumbnails/news/000/051/604/9653d77d9d5a084b880262a75a3d0210/xsmall.jpg?1430335389
https://assets1-beta.my.umbc.edu/system/shared/thumbnails/news/000/051/604/9653d77d9d5a084b880262a75a3d0210/xxsmall.jpg?1430335389
6
1
true
Tue, 28 Apr 2015 22:08:16 -0400
Sat, 26 Mar 2016 00:12:34 -0400
Critical Security Flaw in Core Linux Library
Allows for complete control of a system with no credentials
Earlier this week a critical security flaw in the gethostbyname() function of glibc in Linux was exposed. This effects many major linux distributions including Redhat 5 and Redhat 6 Enterprise. This vulnerability has the potential to allow a fairly simple attack to gain complete control of a server. Any vulnerable servers should be patched and rebooted as soon as possible.
DoIT has been patching and rebooting our systems and we are now protected from this on all centrally managed accessible servers. We would encourage any linux admins to check out the posting below to see if your system is vulnerable and patch accordingly. I've also included a link to a PCworld article with a new exploit that just came out showing how this flaw can be used.
Its being referred to as the GHOST vulnerability because it uses the GetHost function. Besides the obvious security issue, this one has some marketing behind it as well, its even got a cute logo (see below), so I think you may see it around the news at some point.
List of vulnerable glibc versions:
For information:
]]>
Earlier this week a critical security flaw in the gethostbyname() function of glibc in Linux was exposed. This effects many major linux distributions including Redhat 5 and Redhat 6 Enterprise....
https://beta.my.umbc.edu/api/v0/pixel/news/49518/guest@my.umbc.edu/6d632f23938175dcab67b98178404d40/api/pixel
security
Division of Information Technology (DoIT)
https://beta.my.umbc.edu/groups/doit
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xsmall.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/original.JPG?1727453227
https://assets1-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xxlarge.png?1727453227
https://assets3-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xlarge.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/large.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/medium.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/small.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xsmall.png?1727453227
https://assets4-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xxsmall.png?1727453227
Division of Information Technology
1
0
true
Sat, 31 Jan 2015 10:59:20 -0500
Sat, 26 Mar 2016 00:13:47 -0400
DoIT Taking Steps to Protect Sensitive Data on our AD server
Over the weekend of May17-18, DoIT will be copying files found on our Active Directory (AD) servers that have sensitive information in them and encrypting those files and storing them in a special location. DoIT will be glad to work with anyone that requires access to these files for their work or scholarship, we ask you submit a help request ticket or email
security@umbc.edu. Before giving you these files back we will have one of our staff contact you and go over procedures for how to safely store and work with files that contain sensitive information in a way that protects the university and individuals.
We want to thank everyone for your cooperation to date, as DoIT has been working with departments to remediate other places that have this information we have seen great cooperation. We very much appreciate the way the UMBC community has supported the efforts to better protect the information of our students, alumni, staff, and faculty. We know this is abrupt but felt that getting the data in a secure state was of the greatest importance.
Below is some information to explain this further.
Why is DoIT removing these files from AD at this time?
Due to the data breach at UM-College Park, the Regents have instructed all institutions to take additional steps to identify and protect personal information, such as SSN, from being released. The Regents have asked that campuses undertake an inventory to find where this information is stored and take all appropriate measures to protect this information. Under Maryland law, file encryption is one of the recognized measures for protecting information.
Why the sense of urgency?
Over the years, DoIT has consistently increased space for users and departments in our Active Directory environment. The totality of the number of files makes the Active Directory (AD) server critical to protect. Because we feel most of these files were used in the past and most will not be needed immediately, we feel acting quickly is the best course of action to ensure we are protecting the university and each others information.
What kind of files are being scanned?
The software that we have scans word, excel, pdf, and images looking for SSN's. Most of the files it will find are old reports dating back many years ago when SSN was regularly used. In many cases, the files may contain on a few SSN's in them.
How can I find out what files were taken from my account?
Please submit a ticket,
http://my.umbc.edu/help, and we will send you back the list of files associated with your names. If you don't notice any files missing it is likely the files we protected were no longer needed.
How do I get access to my files with SSNs in them?
You should submit a ticket through
http://my.umbc.edu/help, we will have someone work with you go over the best way to do this. If you have a time critical issue, please note that in the ticket and we will expedite this.
What will I do if I need to do if I regularly deal with files that have SSNs in them as part of my job?
There are options available (encrypted hard drives, UMBCs Box.com service) for securely working with these kinds of files. DoIT will sit down with your staff and understand what your needs are and come up with a solution that meets your units needs but at the same time ensures you are protecting the information and the university.
Will you continue to scan for sensitive files in my account?
Yes. We intend to run the process on a regularly basis and scan, at least monthly, all files on Active Directory and remove and encrypt files with sensitive information in them..
Will DoIT delete these files at some point in the future?
There are no immediate plans to do this right now. Our plan is to work with units over the next fiscal year to review the files and discuss the best ways to safely handle sensitive data. As part of that process we will ask departments if there are any files that can be safely deleted.
]]>
Over the weekend of May17-18, DoIT will be copying files found on our Active Directory (AD) servers that have sensitive information in them and encrypting those files and storing them in a...
https://beta.my.umbc.edu/api/v0/pixel/news/44704/guest@my.umbc.edu/1f725cafc713ff1be5f36da3d7bbb860/api/pixel
security
Division of Information Technology (DoIT)
https://beta.my.umbc.edu/groups/doit
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xsmall.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/original.JPG?1727453227
https://assets1-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xxlarge.png?1727453227
https://assets3-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xlarge.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/large.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/medium.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/small.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xsmall.png?1727453227
https://assets4-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xxsmall.png?1727453227
Division of Information Technology
0
0
false
Fri, 16 May 2014 09:50:33 -0400
Sat, 26 Mar 2016 00:16:26 -0400
Warning: Email Phishing Attacks Targeting Faculty & Staff
Never give out your username or password
DoIT continues to receive reports of faculty and staff receiving that is part of a targeted "phishing" attack to steal your username and password information or infect your computer.
One recent email that a number of faculty received appeared to come from Blackboard, and is listed below. DoIT will not give out our email lists to 3rd parties and it would always come from someone in DoIT.
The message below does not have the Link active, however, in the original message if you took your mouse and hovered it over the link for "Click here to sign in and revier this article now." you would see the web site is not Bloackboard.com
| Subject: | New School Article - Important |
|---|
| Date: | Sat, 5 Apr 2014 12:35:05 -0700 (PDT) |
|---|
| From: | Blackboard Articles <articles@www.blackboard.com> |
|---|
| To: | SOMEONE@UMBC |
|---|
Hello,
Your school has uploaded an article with your information tagged in the content.
Please sign in immediately to review your information.
Click here to sign in and review the article now
Comment/Notifications of articles that are published will be delivered to you.
Black board Articles.
Starting with the announcement on Monday evening, DoIT staff have been working to understand the risks, determine which systems are vulnerable, and take the necessary steps to remediate or lessen the risk. DoIT classifies system risk from 0 - very low to 3 (very high). Over the last two days we have patched or remediated all of our level 2 and 3 servers. We expect to have all systems patched this week. In addition, we are working with departmental IT staff to identify and address issues in the departments. We also continue to work closely with commercial partners to patch devices and equipment that may be impacted
Prior to this event occurring, DoIT was planning to move forward with a mandatory password change for all users starting the end of April. As a precaution, we are looking at expediting this process and will be sending out another message on this early next week to expedite that process.
If you are wondering if a site is vulnerable, there is a web site created that you can use to test: http://filippo.io/Heartbleed/ and type in a web site.. Any questions or concerns may be directed to security@umbc.edu
Update:
Given recent IT security threats generally, DoIT has decided to force the password change to May 23, 2014, the day after Undergraduate Commencement. Thank you in advance for your patience and understanding.
--------------------------------------------
In an effort to improve campus security and better protect user information, DoIT is requiring that everyone with a UMBC account must change his or her password by June 9, 2014, unless this has already been done this calendar year. This will apply to all myUMBC account holders -- students, faculty, staff and alumni. We know people hate changing their account passwords, but with the rise of emails targeting people to share their account and password, called phishing, we feel it is necessary for security.
As part of this effort, everyone will also be required to provide an alternate email address and create account security questions. Once in place, all users will then be able to reset their password through a self-service page. We have had these account security questions in place for the last two years for students and the program has been very successful in reducing the number of time-consuming, manual password resets performed by our Technolgy Support Center (TSC). We expect that by expanding self-service password resets to all account holders, everyone will benefit.
A notice will appear to all faculty and staff when they login on Wednesday, April 23, informing them they need to change their password and establish their security questions, if they have not done so already in 2014. While the final date for password changes is June 9th, DoIT especially recommends that faculty make this change before they leave for the summer. We will also be sending out regular reminders.
To create your own security questions, visit the following Frequently Asked Question (FAQ):
How do I create my security questions to reset a forgotten password?
If you have any questions or need help, please submit an RT Ticket or contact the TSC at 410.455.3838.
]]>
Update: Given recent IT security threats generally, DoIT has decided to force the password change to May 23, 2014, the day after Undergraduate Commencement. Thank you in advance for your patience...
http://doit.umbc.edu/tsc
https://beta.my.umbc.edu/api/v0/pixel/news/43156/guest@my.umbc.edu/2ed428be40a2cd3dfd502f2933a09b23/api/pixel
security
Division of Information Technology (DoIT)
https://beta.my.umbc.edu/groups/doit
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xsmall.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/original.JPG?1727453227
https://assets1-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xxlarge.png?1727453227
https://assets3-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xlarge.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/large.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/medium.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/small.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xsmall.png?1727453227
https://assets4-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xxsmall.png?1727453227
Division of Information Technology
https://assets4-beta.my.umbc.edu/system/shared/thumbnails/news/000/043/156/1715a3a663307916bd96b966cdf2ee16/xxlarge.jpg?1396493740
https://assets4-beta.my.umbc.edu/system/shared/thumbnails/news/000/043/156/1715a3a663307916bd96b966cdf2ee16/xlarge.jpg?1396493740
https://assets4-beta.my.umbc.edu/system/shared/thumbnails/news/000/043/156/1715a3a663307916bd96b966cdf2ee16/large.jpg?1396493740
https://assets4-beta.my.umbc.edu/system/shared/thumbnails/news/000/043/156/1715a3a663307916bd96b966cdf2ee16/medium.jpg?1396493740
https://assets3-beta.my.umbc.edu/system/shared/thumbnails/news/000/043/156/1715a3a663307916bd96b966cdf2ee16/small.jpg?1396493740
https://assets3-beta.my.umbc.edu/system/shared/thumbnails/news/000/043/156/1715a3a663307916bd96b966cdf2ee16/xsmall.jpg?1396493740
https://assets2-beta.my.umbc.edu/system/shared/thumbnails/news/000/043/156/1715a3a663307916bd96b966cdf2ee16/xxsmall.jpg?1396493740
57
4
true
Wed, 02 Apr 2014 22:57:22 -0400
Sat, 26 Mar 2016 00:18:19 -0400
Phishing Scam Alert - Subject: IT Service Help Desk
UMBC would never ask "users are to verify there accounts."
A new phishing scam is threatening to deactivate email accounts. This email is not from UMBC. Do not click this link.
Here's what's being received:
"This E-mail is sent by the HelpDesk Expert for IT Support system for Mailbox notification and update purposes. We are conducting an email sweep upgrade due to our new login home page that is coming up soon for your better and faster server. So we are removing all unused email and registration of all active Student/Staff mail account to enable the University create new logins for our 2013/2014 students and staff. So all users are to verify there accounts.
CLICK HERE: To go to verification page and follow the instructions on the popup page
IMPORTANT NOTICE: ACCOUNT OWNER THAT REFUSES TO VERIFY/UPGRADE HIS/HER ACCOUNT WILL LEADS TO YOUR ACCOUNT DE-ACTIVATION WITHIN 48 HOURS PRIOR TO THE URGENT THAT CONTAINED IN THIS SHEET.
Copyright@2013 Help-desk Technical Support Centre."
Again: Do Not Click The Link. If you already did, please change your password immediately.
]]>
A new phishing scam is threatening to deactivate email accounts. This email is not from UMBC. Do not click this link. Here's what's being received: "This E-mail is sent by the HelpDesk...
https://beta.my.umbc.edu/api/v0/pixel/news/38221/guest@my.umbc.edu/f7dbd1d0dd47e16dc9b7046b2ac56402/api/pixel
phishing
security
Division of Information Technology (DoIT)
https://beta.my.umbc.edu/groups/doit
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xsmall.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/original.JPG?1727453227
https://assets1-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xxlarge.png?1727453227
https://assets3-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xlarge.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/large.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/medium.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/small.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xsmall.png?1727453227
https://assets4-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xxsmall.png?1727453227
Division of Information Technology
https://assets3-beta.my.umbc.edu/system/shared/thumbnails/news/000/038/221/c9ae486d4193a28218ebcf092e1a1659/xxlarge.jpg?1384191638
https://assets1-beta.my.umbc.edu/system/shared/thumbnails/news/000/038/221/c9ae486d4193a28218ebcf092e1a1659/xlarge.jpg?1384191638
https://assets4-beta.my.umbc.edu/system/shared/thumbnails/news/000/038/221/c9ae486d4193a28218ebcf092e1a1659/large.jpg?1384191638
https://assets3-beta.my.umbc.edu/system/shared/thumbnails/news/000/038/221/c9ae486d4193a28218ebcf092e1a1659/medium.jpg?1384191638
https://assets2-beta.my.umbc.edu/system/shared/thumbnails/news/000/038/221/c9ae486d4193a28218ebcf092e1a1659/small.jpg?1384191638
https://assets1-beta.my.umbc.edu/system/shared/thumbnails/news/000/038/221/c9ae486d4193a28218ebcf092e1a1659/xsmall.jpg?1384191638
https://assets2-beta.my.umbc.edu/system/shared/thumbnails/news/000/038/221/c9ae486d4193a28218ebcf092e1a1659/xxsmall.jpg?1384191638
84
7
true
Mon, 11 Nov 2013 12:48:18 -0500
Fri, 25 Mar 2016 11:47:31 -0400
Phishing Scam Alert: Fake Blackboard Notifications
Blackboard email notifications do not require you to sign in
A new phishing scam is attempting to fool people into providing personal information by claiming that there is a Blackboard notification waiting for them, and provides a link for logging into Blackboard. Do not click this link.
Blackboard email notifications do not require you to sign in to Blackboard to read them, the information is provided in the email itself. Always visit http://my.umbc.edu directly to log into Blackboard or by typing it in the address bar, or using your own bookmarks/favorites.
Here is an example of the phishing email to watch out for:
Good Morning,
Your school has posted an important information regarding a course for you.
You are required to immediately sign in to Blackboard Learn.
Click here to sign in to Blackboard Learn
Thank you.
Blackboard Learn Notifications.
Here is another example:
Good Morning,
An important course form has been posted to you on the Blackboard Learn System.
Click here to confirm the form
Thank you.
Blackboard Learn Notifications.
]]>
A new phishing scam is attempting to fool people into providing personal information by claiming that there is a Blackboard notification waiting for them, and provides a link for logging into...
https://wiki.umbc.edu/display/faq/Blackboard
https://beta.my.umbc.edu/api/v0/pixel/news/36838/guest@my.umbc.edu/41839a0b7fb959b2549be619f82a9ad5/api/pixel
blackboard
phishing
security
Division of Information Technology (DoIT)
https://beta.my.umbc.edu/groups/doit
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xsmall.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/original.JPG?1727453227
https://assets1-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xxlarge.png?1727453227
https://assets3-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xlarge.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/large.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/medium.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/small.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xsmall.png?1727453227
https://assets4-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xxsmall.png?1727453227
Division of Information Technology
https://assets3-beta.my.umbc.edu/system/shared/thumbnails/news/000/036/838/b210d3789a96350fb4b8e79720ea5976/xxlarge.jpg?1381428514
https://assets4-beta.my.umbc.edu/system/shared/thumbnails/news/000/036/838/b210d3789a96350fb4b8e79720ea5976/xlarge.jpg?1381428514
https://assets3-beta.my.umbc.edu/system/shared/thumbnails/news/000/036/838/b210d3789a96350fb4b8e79720ea5976/large.jpg?1381428514
https://assets1-beta.my.umbc.edu/system/shared/thumbnails/news/000/036/838/b210d3789a96350fb4b8e79720ea5976/medium.jpg?1381428514
https://assets4-beta.my.umbc.edu/system/shared/thumbnails/news/000/036/838/b210d3789a96350fb4b8e79720ea5976/small.jpg?1381428514
https://assets1-beta.my.umbc.edu/system/shared/thumbnails/news/000/036/838/b210d3789a96350fb4b8e79720ea5976/xsmall.jpg?1381428514
https://assets3-beta.my.umbc.edu/system/shared/thumbnails/news/000/036/838/b210d3789a96350fb4b8e79720ea5976/xxsmall.jpg?1381428514
4
0
true
Thu, 10 Oct 2013 14:09:44 -0400
Fri, 25 Mar 2016 11:48:04 -0400
All Students Required to Create Account Security Questions by May 22
To facilitate self service, all students will be required to create security questions only they can answer by Tuesday, May 22, so they can access their account and reset their own password. A notice will appear to all students without security questions starting on April 19.
Typically, more than half of DoIT’s weekly Request Tracker (RT) tickets involve a manual password reset by three full time staff members at the Technology Support Center (TSC). Most of these tickets are from students without security questions. As a result, TSC staff can ONLY reset someone’s password with verbal confirmation of secure data in real time, which is often preceded by several “phone tag” voice mail messages to schedule an appointment to do so. Since DoIT resolved more than 23,000 tickets last year (37 percent within a day or less), improving user self-service should increase our capacity to help resolve more complex issues.
To create your own security questions, visit the following Frequently Asked Question (FAQ):
How do I create my security questions to reset a forgotten password?
https://wiki.umbc.edu/x/hIAc
If you have any questions or need help, please submit an RT Ticket or contact the Technology Support Center (TSC) at 410.455.3838.
]]>
To facilitate self service, all students will be required to create security questions only they can answer by Tuesday, May 22, so they can access their account and reset their own password. A...
http://www.umbc.edu/blogs/oit-news/archives/2012/04/all_students_re.html
https://beta.my.umbc.edu/api/v0/pixel/news/13849/guest@my.umbc.edu/871b6ad403e7c3ed739dd367b5bc0571/api/pixel
general
password
security
umbc
Division of Information Technology (DoIT)
https://beta.my.umbc.edu/groups/doit
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xsmall.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/original.JPG?1727453227
https://assets1-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xxlarge.png?1727453227
https://assets3-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xlarge.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/large.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/medium.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/small.png?1727453227
https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xsmall.png?1727453227
https://assets4-beta.my.umbc.edu/system/shared/avatars/groups/000/000/021/d27760c5de12c74b73faec8d0e631acf/xxsmall.png?1727453227
Division of Information Technology
2
0
false
Tue, 17 Apr 2012 13:07:14 -0400
Tue, 17 Apr 2012 13:07:14 -0400
