Information Technology Department

What Just Happened?

Information Technology is working to educate the campus on the dangers of phishing attacks. Our security team sent an email to Central email accounts pretending to be a hacker and the email link you just clicked on was part of that test. Your account and your computer are fine. Had this been a real phishing attempt email, your account could have been compromised had you provided your BlueNet account or Central email account credentials after clicking the link. For the purpose of this test we did not record your information, however we ask that you please review this important information about phishing attempts.

What is phishing?

Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy source in an email or other form of electronic communication. When you click on a link in a phishing email, you may be prompted to enter your Central credentials (BlueNet username or Central email address and password) on a non-Central web page. The hacker then steals your account information and attempts to use your Central email account to send out spam and/or phishing attempts to others in your address book and/or the entire university.

How can you tell if an email is a phishing attempt?

 

phishing example

What happens if you fall victim to a phishing attack?

If your Central BlueNet account or My.CCSU.edu email account is compromised by a hacker, the Information Technology department will:

  1. change your password (BlueNet account and/or My.CCSU.edu email password). This is done to put an immediate stop to access to your Central email account. We will contact you to help you reset your password.
  2. temporarily suspend your ability to send email messages.
  3. work with you to ensure any computers you use to access your Central email are malware and virus-free.

As you can see, a compromised account is a huge inconvenience. This entire process can take up to 5 business days or longer to resolve, which means you will not be able to send any email during this time.

How can you keep your BlueNet account and Central email account safe?

There are several important actions you can take to keep your account safe:

  1. Do not share your Central BlueNet or My.CCSU.edu account credentials with anyone or enter your Central account credentials on ANY unknown web site. The IT Department will never ask you for your password, especially via an email message!
  2. Be extra cautious about clicking links in email messages. Phishing emails are usually sent from email addresses outside of Central or from users outside of the Central IT Department such as students or employees whose account was compromised by a phishing attempt. The IT Department will never direct you to click on a link to manage your account and will never use wording such "click this link" or "verify now" in an email message about your account. We will direct to you to go to the Central Account Management System via CentralPipeline without including a link.
  3. Choose strong passwords that cannot be easily guessed. Change your password often and do not write it down or store it on your computer.
  4. If you did accidentally click on a phishing link and/or supplied your credentials on an unknown site, immediately change your password to something you have never used below. Use the Central Accounts Management System to reset your BlueNet account password and your student email account password.