Urgent Information Security Measures and Reminder

Monday, February 20, 2023, 12:00pm

TO: Campus Community
FR: Andru Luvisi, Information Security Officer

Recently, there has been a sharp rise in cybercriminal activity targeting the CSU. Out of an abundance of caution, SSU IT will be implementing the following information security enhancements:

  • All users will be required to change their passwords. We encourage you to do so within the next 72 hours, after which we will be expiring any passwords that have not been changed.
    To change your password, use a web browser to connect to the Sonoma State University home page and click on "Login", then "Username & Password Assistance", and then "Change Password."
  • Note: You will need to change your password on all devices that access the campus wireless network. If you forget to do so, a device attempting to connect using your old password can lock you out of your account due to multiple login failures.
  • We will be adjusting our email configuration to explicitly mark messages that originate from off-campus.

Duo App Reminder

If you ever receive an unexpected prompt from the Duo app on your phone to approve a login, DO NOT APPROVE THE LOGIN! If this occurs, that means an attacker has successfully guessed or stolen your password.

In this situation:

  • Select "Deny" in the Duo app.
  • When asked "Was this a suspicious login?", press "Yes."
  • Change your password immediately.

Email Reminder

Remember that Level I data such as passwords, PINs, account numbers, etc., must never be sent through email unencrypted. When sending encrypted data through email, the key needed to decrypt it (otherwise known as the decryption key or passphrase) should never be sent over email. Instead, the key should be sent using a separate communication medium, such as telephone or text message.

Also, please remember to double-check the recipients of your email when sending Level II data or other sensitive information through email.

Phishing Email Reminder

Phishing emails are continually sent to members of our campus community. Phishers are criminals who attempt to impersonate an organization with whom you have an electronic account, such as your bank or Sonoma State University. They often attempt to deceive you into giving them your username and password, Social Security number, birth date, or other sensitive information.

Sometimes phishing emails contain or link to malicious software (malware) that allows others to control or access your computer, including your files, camera, microphone, and anything displayed on your monitor or played through your speakers. Some malware can use your computer without your knowledge to perpetrate further criminal activity.

You should suspect phishing:

  • When you receive an unexpected email or the email claims to be part of a transaction that you did not initiate.
  • When the email contains obvious deviations from standard practice, such as when the "To" or "From" addresses are incorrect or missing, or when the message contains poor spelling and grammar, generic greetings, or incorrect information.
  • When the email contains threats or requests for money or sensitive information, or includes offers that seem too good to be true.
  • When, upon hovering over a link, the target URL either doesn’t match the displayed text or is formatted deceptively. (For example, http://www.sonoma.edu.example.com/ and http://www.sonoma.edu@example.com/ are links to example.com and not to sonoma.edu.)
  • Any other time when something just doesn’t look right to you.
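
The link check described in the list above can also be done mechanically. The following is an added illustration, not part of the original reminder: it parses each link target the way a browser does and reports why the two example URLs do not lead to sonoma.edu. The function names and the third sample link are constructed for this example.

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "sonoma.edu"  # the domain used in the reminder's own examples

def real_host(url):
    """Return the host a browser would actually connect to, lowercased."""
    host = urlsplit(url.strip()).hostname  # drops any "user@" part and the port
    return (host or "").rstrip(".").lower()

def belongs_to(host, domain):
    """True only if host is the domain itself or a subdomain of it."""
    return host == domain or host.endswith("." + domain)

def check_link(display_text, href, domain=TRUSTED_DOMAIN):
    """Return the reasons a link looks deceptive (empty list = none found)."""
    reasons = []
    host = real_host(href)
    # Everything before "@" is login information, not the destination.
    if urlsplit(href.strip()).username is not None:
        reasons.append("text before '@' is not the host; real host is " + host)
    # The trusted name may appear inside a host that belongs to someone else.
    if domain in host and not belongs_to(host, domain):
        reasons.append(domain + " appears inside " + host + ", which is not under it")
    # If the visible text is itself a URL, it should name the same host.
    shown = real_host(display_text) if "://" in display_text else ""
    if shown and shown != host:
        reasons.append("displayed host " + shown + " differs from target " + host)
    return reasons

# Constructed sample links: (text shown in the email, actual link target).
SAMPLES = [
    ("http://www.sonoma.edu/", "http://www.sonoma.edu@example.com/"),
    ("Login", "http://www.sonoma.edu.example.com/"),
    ("Sonoma State University", "https://www.sonoma.edu/"),
]

if __name__ == "__main__":
    for text, href in SAMPLES:
        findings = check_link(text, href)
        print(href, "->", real_host(href))
        for reason in findings or ["no deceptive formatting found"]:
            print("   ", reason)
```

An empty result only means these particular tricks were not found; a link that passes can still be malicious.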

The computer security software company Cofense offers a handout with additional tips on how to spot phishing attempts.

What to do when you suspect that an email may be phishing:

  • Don'ts
    • Don't respond.
    • Don't open any attachments or click any links in the email.
    • Never provide account credentials and passwords through email.
  • Do's
    • Verify the contents of the message with the corresponding institution by typing in the URL yourself, or verify offline by calling them with a phone number known to you, not with any information from the email itself.
    • If you are unsure whether an email is legitimate, contact the IT Help Desk at (707) 664-HELP or IT.Helpdesk@sonoma.edu. SSU IT will never ask you for your username and password in an email.