NOTE TO READERS: The Catch of the Day blog not only posts examples of phishing, fraud, and other malicious emails, but also best practices and general CIS news items. This is one of them! You can always locate best practices and news items by clicking on any category (right-hand sidebar).
On November 28th, a serious vulnerability was discovered in the Apple Mac operating system High Sierra. This vulnerability allows a bad actor to gain complete control of a user’s computer, which could lead to the loss of important data and the installation of malicious software (malware).
Apple released a fix and we advise everyone who uses High Sierra to apply the critical security update to their Apple machine. Computing and Information Services currently does not deploy or support High Sierra on Vassar-owned machines. However, we want to ensure that student machines and personally-owned machines are updated, as any compromised machine on campus could affect the Vassar community.
If you have a Vassar-owned machine that is running Sierra, El Capitan, or an earlier operating system, please do not upgrade it to High Sierra as it may disrupt the functionality of your machine.
(Click “Continue Reading” for instructions)
NOTE TO READERS: The Catch of the Day blog not only posts examples of phishing, fraud, and other malicious emails, but also best practices and general CIS news items. This is one of them! Be sure to browse our other best practices and keep your eye out for more coming soon.
There have been increasing incidents of Identity Theft throughout the United States, generally due to large data breaches, and occasionally smaller incidents of phishing. Most notably, you may have seen news reports about a large-scale breach at the credit reporting company Equifax.
We care about the information and systems here at Vassar, but we also care about your personal well-being and the protection of your own personal and financial information. You can protect yourself through the following steps:
- Freeze your credit report to prevent hackers from using your information to open new accounts or take out loans: https://www.consumer.ftc.gov/articles/0497-credit-freeze-faqs
- Create your online Social Security account, regardless of your age or retirement status. This will prevent criminals from opening the account in your name and withdrawing your social security funds: https://www.ssa.gov/myaccount/
- Use Duo multi-factor authentication for Vassar services. You can set this up yourself and find more information here: https://servicedesk.vassar.edu/solutions/571021-vassarone-setting-up-multi-factor-authentication-with-duo
- Be suspicious of any phone calls or emails that ask you for any personal information or your electronic credentials – either personal or Vassar-rleated. In this time of natural disasters, also be on the alert for fraudulent fundraising solicitations related to the recent hurricanes. This blog has many examples of fraud, phishing, and other malicious emails. Click on the categories (right-hand side of this page) for specific posts
More about the Equifax breach
Equifax is one of the three largest credit reporting firms in the country. On September 7th, they reported a large scale data breach affecting 143 million customers. Be sure to visit their website and read the information carefully: https://www.equifaxsecurity2017.com/
Have you already been a victim of identity theft?
The US Government has an informational site for what to do if this has happened to you. https://www.identitytheft.gov/