Computer Services
Main Page		  
Computer Services Memo

 
To: The University Community
From:
 Ken Ihrer,
Chief Information Security and Privacy Officer
Date:
October 11, 2005
Subject: Computer Security Announcement

The University is currently experiencing a “phishing” attack. Phishing (pronounced “fishing”) attacks are performed by criminals who send out millions of e-mails with links to fraudulent websites that imitate the 'look and feel' of bona-fide business Web sites. These criminals hope to fool you into divulging your personal financial data such as account usernames and passwords, credit card numbers, or social security numbers. Their intention is to steal your identity and then try to withdraw money from your bank or to make purchases with your credit card.

The current phishing attack is made up of messages that appear to come from PayPal, an internet company that allows you to send and receive payments to or from other internet users or businesses. PayPal has become a favorite target of phishers because PayPal usually has access to your bank or credit card accounts. The links in these messages are really pointing you to an overseas server whose sole purpose is to steal your personal information. 

Please delete any PayPal messages you have received over the past few days. If you believe that PayPal has reason to contact you, go directly to their Web site and do not click on any link contained in an email you have received. PayPal has set up a special website where you can report these abuses at http://www.paypal.com.

Today is “Patch Tuesday.” Every second Tuesday of the month, Microsoft issues system patches to correct security vulnerabilities found in the Windows operating system. Microsoft will release several new critical security patches today. In order to protect your computer and the University's computing environment and network, we are requesting that these patches be applied to your workstation as soon as possible. 

All of the Temple computers that were attacked by the malicious computer worm in recent weeks did not have the Automatic Update feature turned on. Although a patch for defeating this worm was available from Microsoft, the worm was able to successfully attack the Temple computers that had not been updated.

If you do not already have the Windows Automatic Update feature turned on, we strongly urge you to do so. Turning on this feature will ensure that the latest security patches are automatically downloaded and installed on your computer. Our Computer Services Help Desk (215 204-8000) is ready to assist you with this issue, or visit our Web site for easy to follow instructions at http://www.temple.edu/cs/windowsupdateinstructions.htm.

By taking the necessary steps to protect your computer, you can help us to greatly reduce our susceptibility to serious virus and worm outbreaks that are capable of crippling our network and computing resources. With your help, we can better serve the University community by providing the safe and secure computing resources needed to provide our students with a quality education.

As always, Computer Services will continue to look for ways to provide better security and privacy to our University Community. For more information on Computer Security, please visit our Web site at http://www.temple.edu/cs/security/index.htm.

Happy and Safe Computing.
.