Information Security Blog

To receive notification about new blog entries, follow SoM_ISO on Twitter

June 2010

Did You Really Place That Order?

Have you recently received a confirmation email from Amazon, GoDaddy, or some other website but you don’t remember placing the order? Chances are, you didn’t.
Once again those phishing scam artists are finding new and creative ways to get you to click on links.

As always, if you receive emails that appear suspicious, contact IRT Information Security Services (irt-security@lists.stanford.edu) and we will verify the validity of the email for you.

A good general rule is: When in doubt, don’t.



Credible Email Scam - Look Out!

An old, but very credible, email scam is circulating once again. This time, the email appears to be sent from someone you know personally, claiming that they are stranded in London after being robbed. They are requesting that you send them money to help them get home. The email seems credible because it comes from someone you know and an email account you recognize.

There has been a rash of break-ins into people’s “free” email accounts (Hotmail, Gmail, etc.). Once the hacker has access to the free account, the email is sent to everyone in that person’s contact list. That is why the email seems legitimate: it’s coming from an account you recognize.

WHAT YOU CAN DO

If you receive such an email, phone the person who you think sent it. It will be easy to verify that they really did not send the request for money.

Select a strong password for your free email accounts (but please, don’t use the password to your SUnetID). Try to use a combination of letters, numbers, and special characters if you can. Or create a short sentence to use as your password. Always try to create a password that is easy for you to remember but difficult for someone else to guess. Now would be a good time to change those passwords.

If you have questions about this or any information security issue, please contact me directly (eamsel@stanford.edu or 650 736 4008) or anyone in IRT Information Security Services (irt-services@lists.stanford.edu).


Here’s what the email looks like (name replaced with XXXXX to protect the innocent):

From: XXXXXXXX [mailto:XXXXXX@yahoo.com]
Sent: Monday, June 28, 2010 7:02 AM
To: undisclosed recipients:
Subject: My Plight!!!

I'm writing this with tears in my eyes, I came down here to Newcastle,United Kingdom for a short vacation unfortunately i was mugged at the park of the hotel where i stayed,all cash,credit card and cell phone were stolen off me but luckily for me i still have my passports with me.

I've been to the embassy and the Police here but they're not helping issues at all and my flight leaves today but am having problems settling the hotel bills and the hotel manager won't let me leave until i settle the bills.


XXXXXXX.

Understanding the Value of Your Information


You may not think it’s true, but your information has value – both to you and to Stanford. And similar to other valuables you have in your possession, it is important to understand just how precious your information is so that you can take the appropriate steps to protect it. This is called classification of information. Based on your information’s classification, Stanford has defined how that information must be protected.

There are four classifications of information at Stanford:
• Prohibited
• Restricted
• Confidential
• Public – information that is not Prohibited, Restricted, or Confidential

Securecomputing.stanford.edu not only lists the specifics regarding each class of information, but also provides detailed requirements about how that class of information needs to be handled and stored.

You have additional obligations when you store:

• Social Security Numbers
• Credit Card Numbers
• Financial Account Numbers
• Driver’s License Numbers
• Health Insurance Policy ID Numbers

To keep this information on your computer, you will need approval from the Data Governance Board (DGB) and you must encrypt the computer on which it is stored. PGP encryption is available at no cost to anyone at Stanford. Contact your support person or submit a Remedy ticket to get started.

If you think your computer was accessed without your permission, you MUST immediately contact IRT Information Security Services (irt-security@lists.stanford.edu or 5-8000 option 4) or the campus Information Security Office (iso@stanford.edu). Details can be found in the Information Security Incident Response Policy, Admin Guide Manual #67.

And just a reminder... all new information systems that store or process Prohibited or Restricted Data should be assessed by the Information Security Office or the School of Medicine Information Security Services group.

Resources:
Secure computing website: http://securecomputing.stanford.edu
Admin Guide website: http://adminguide.stanford.edu
IRT Information Security Services: irt-security@stanford.edu or 5-8000 option 4
Campus Information Security Office: iso@stanford.edu
General assistance at the School of Medicine: 5-8000
To submit a Remedy ticket: http://helpsu.stanford.edu
