News & Alerts

An e-mail with a title similar to "CNN.com Daily Top 10" is currently spreading over the Internet. An e-mail with a title similar to "CNN.com Daily Top 10" is currently spreading over the Internet. Links within the e-mail, if clicked, download a malicious file named something like "get_flash_update.exe". This file compromises the machine to an extreme, typically forcing users and system administrators to rebuild the machine. Users who are potentially being compromised should notice a message about the version of Flash Player on their screen.

New Attacks Against Social Networking Sites As part of its "Don't Just Click IT" campaign, SecurePurdue is reminding computer users to be cautious when clicking on URL links provided in emails and instant messages, posted on social netowrking sites, and in response to cellular text messages.

New Variant of e-mail scam released The IT Networks & Security Incident Response group has identified new variants of the e-mail scam that has been circulating campus for the past few months. We would like to remind everyone that they should never give out their account information. If you do respond to a scam like this please contact abuse@purdue.edu and we will assist you in re-securing your account.

McAfee VirusScan Home Edition Version 12 Now Available McAfee VirusScan Home Edition Version 12 is now available for download on the SecurePurdue download page.

Internet Explorer 7 and ITNS managed WSUS

As Microsoft has indicated, the Windows Internet Explorer 7 Installation and Availability update rollup will be released to WSUS installations at the next patch cycle, Feb. 12, 2008. This update, if approved, will upgrade XP/Server 2003 systems currently running IE 6 to IE 7. There has been some concern expressed that users of the ITNS supported WSUS server will be forcibly upgraded to IE 7 due to this update. 

Currently, the ITNS ...

Purdue community warned of e-mail scam--Posted Variants Variants of current email scams plaguing campus email users are posted here.

Purdue community warned of e-mail scam The IT Networks & Security Incident Response group is warning the Purdue community about reports of a targeted e-mail scam.

IRS Warns of E-mail Scam The Internal Revenue Service (IRS) has issued an alert warning taxpayers of new email scams. In a new variation on traditional email scams claiming an IRS refund, the new email scam claims to come from the IRS and the Taxpayer Advocate Service (a legitimate IRS program).

Watch one student's story about illegal downloading. Watch one student's story about illegal downloading.

Don't Just Click It Don’t Just Click It! Just like you put your seat belt on before you start your car, think before clicking on a URL link in an email or IM. Do you know the person who sent it? Is the URL really taking you where you believe you are going?

Secure Purdue Newsletter-July 2008 View the July 2008 edition of the Secure Purdue News.

Computer Security Awareness Video Contest The EDUCAUSE/Internet2 Computer and Network Security Task Force, in cooperation with the ResearchChannel, is conducting its third annual contest in search of posters and short computer security awareness videos developed by college students, for college students. The contest is sponsored by the National Cyber Security Alliance (NCSA) and CyberWATCH. Winners will receive cash prizes. The posters and videos will be featured on the Security Task Force website and may be used in campus security awareness campaigns.

Phishing scams persist, but don't take the bait Recently, people at Purdue have been receiving an increased number of a particular type of spam which appears to be sent from Purdue University or a legitimate financial institution or online business, such as PEFCU, Regions Bank, eBay, or PayPal. These emails are a type of online fraud known as "phishing."

Advisory regarding an increase in worm and virus threats to instant messaging users ITaP Security and Privacy (ITSP) reminds campus computing users to remain vigilant about worms and virus threats spreading via instant messaging applications.

CSO Magazine Article on Awareness Programs CSO Magazine Article on Awareness Programs with a feature on Purdue University's Information Security outreach strategy and ITNS Training and Outreach Coordinator Cherry Delaney

SANS OUCH Current Issue