Important information regarding COVID-19 and cyber threats.
Malicious actors are launching cyber attacks capitalizing on the global concern over COVID-19. Email and social media-based phishing scams referencing the virus (or cure) attempt to convince recipients to:
• open links or attachments
Security researchers found that coronavirus-themed websites are 50 percent more likely to be malicious than other domains; over 4,000 coronavirus-related domains have been registered since January 2020. Malicious websites purporting to be the live map for COVID-19 global cases run by Johns Hopkins University are circulating. These websites infect site visitors. Researchers believe the website is being spread via infected email attachments, malicious advertisements, and social engineering. Over the last week, we have noted a significant uptick in malicious coronavirus-themed emails targeting State of New Jersey employees. We recommend that users remain vigilant and exercise caution with coronavirus-themed emails, posts, and links, ensuring to only use trusted sources – such as official government websites – for information on COVID-19.
NJCCIC provides public advisories and a site featuring cybersecurity resources. See the links below:
Suspicious (phishing) emails should be reported to firstname.lastname@example.org.
Please refer to the official University site for localized updates related to the coronavirus.
There are a variety of resources that can help you learn about staying safe online. OnGuardOnline.gov is the federal government’s website which offers important advice about avoiding scams, protecting your children, and securing your computer and network connections.
The Stop Think Connect Campaign, led by the Department of Homeland Security, raises awareness among the American public about the need to strengthen cybersecurity and to generate and communicate new approaches to help Americans increase their safety and security online. The program outlines three major goals.
- Elevate the nation's awareness of cybersecurity and its association with national security and personal safety.
- Engage the American public, the private sector, and state and local governments in our nation’s effort to improve cybersecurity.
- Communicate strategies for the public to keep themselves, their families and their communities safer online.
For your protection the academic computer labs are equipped with up-to-date anti-virus software. The virus software will automatically check for viruses whenever the drive is accessed. If a virus is detected a message on the screen will appear indicating that your diskette is infected, which virus it has found and the opportunity to clean the virus. Proceed with the cleaning process to remove virus from disk.
Note: Users are required to install anti-virus software on their home machines and to check flashdrives for viruses on a regular basis. For Microsoft Windows, we recommend using the built-in Windows Defender.
To check for viruses:
- Open File Explorer
- Right click on the flash drive icon (Make sure it’s inserted.)
- Click on Scan for Viruses.
Most Internet users are familiar with virus warnings which arrive in their mailbox. Many of these messages spread false information and ask you to forward them to other Internet users. Even though there are thousands of legitimate viruses discovered every year, there are some that don’t exist. If you receive electronic mail claiming to be a virus warning, please forward the message to email@example.com. Please do not send it to the campus community. Information Technology Services will investigate and will notify the campus.
E-mail is an ideal tool for conveying information to millions of people. This information can be useful, irrelevant (Spam e-mails) or have malicious purposes (Phishing). Cybercriminals have become very crafty to lure people into clicking on an attachment, a link or giving up their personal information. E-mails can look like legitimate messages coming from a trusted source, such as your bank, a friend or a family member. Always check with the source (by phone) before taking any further action with the e-mail.
Spam e-mail is the equivalent of receiving junk mail from businesses promoting their products and services.
This type of e-mail attempts to steal your personal information information and use it for malicious purposes. Cybercriminals can use your information to access bank accounts, open new credit cards or assume your identity.
- Spear phishing
Spear Phishing is directed at specific group of people or companies. For example, cybercriminals can launch an attack on a business to get customers' information. Then assume the business identity to launch an attack against the customers, making the e-mails look authentic, thus increasing the attacker's probability of success.
- Clone phishing
This happens when a legitimate, and previously delivered, email containing an attachment or link has its content and recipient address(es) taken and used to create an almost identical or cloned email. The attachment or link within the email is replaced with a malicious version and then sent from an email address spoofed to appear to come from the original sender.
These type of phishing attacks are directed specifically at senior executives and other high profile targets within businesses. The email takes a more executive type of form such as a legal subpoena, customer complaint, or executive issue.
Spam and Phishing on Social Networks
Because of their popularity, social networks have become ideal sites for spam and phishing messages. The same rules apply as with suspicious e-mails.
What to do to Avoid being a Victim
- Be aware of suspicious messages. You can be the most powerful weapon against Spam and Phishing
- Keep your computer's operating system and antivirus up to date
- Forward any suspicious e-mail to firstname.lastname@example.org
- Stockton employees, block spammers and phishers.
- In Outlook 2013 (client version), right click on the suspicious e-mail, select junk and click on Block Sender.
- In Outlook Web App (web version), right click on the e-mail and click on mark as junk
- Stockton students, learn how to block unwanted messages in GMail.
Go to On Guard Online to learn more about spam and phishing.
This guideline applies to all students, staff, and faculty using their own (non university-owned) computer equipment on or off campus.
Information Technology Services is charged with providing for the computing and information communication needs of the university community. As part of that charge, the division provides the technical services necessary to establish and maintain information, instructional delivery and communication systems that appropriately support the administrative, academic and auxiliary operations of the institution. Information Technology Services is here to support the use of a personally owned computer for connectivity to our resources.
Information Technology Services can provide telephone support to assist our community members through connectivity failures by:
- Assisting in the installation and configuration of connectivity software (e.g., VPN client)
- Evaluating hardware/software issues that may be interfering with connectivity
- Suggesting useful non-University resources
If your computer problem is beyond the scope of the Help Desk's ability to provide assistance, there are several options for you to consider:
- Check your warranty information, and consult with your computer's manufacturer or vendor. They will have the best information about your computer hardware, and they will be able to tell you what free or low cost repair services you may qualify for as part of your warranty.
- You may wish to engage a technician at a local computer repair shop.