• panther status on campus
Information Services & Technology

Information Security

» Information Security

The Information Security Office maintains a world class cyber security framework for strategies, standards, and policies. These ensure that all identified information assets are available with appropriate integrity and confidentiality.

Please follow Information Security Recommendations for Personal Computer Usage.

‘Zoom bombing’ happens when uninvited people disrupt an online zoom class by sharing inappropriate content. Learn how to protect our classes and students at the Chapman Zoom security and privacy resource page.

For information security questions please Contact Us. To report an incident, please use the "Report Incidents" button on this page.

Please continue to report any suspicious or malicious message by forwarding it as an attachment (ctrl-alt-F  in Outlook) to abuse@chapman.edu.  

Latest security Alerts

Below are the latest security alerts for our Chapman community.


Toggle Section

05/05/2020 : Subject : Urgent

Hello, are you available?

Ronald P. Jordan, BPharm, RPh, FAPhA
Dean
School of Pharmacy
Chapman University
----------------------------------------------------------
InfoSec Note*: This looks like a gift card scam. The sender is  "Ronald P. Jordan <rpjordanchapman[at]gmail.com>" learn more about gift card scams at chapman.edu/scams

04/26/2020 : Subject : OLIVIA (1 202-205-6510) has left you a message 23 second(s) long

*InfoSec note: The email comes blank and contains a .htm attachment which, when opened, redirects the user to a phishing site that requires the user to enter their password.

If you entered your password on the fake chapman page, please go to password.chapman.edu and reset your password.

COVID-19 Scams on the rise 3-26-2020

The Office of Information Security is receiving notifications about new scams and phishing emails that use the Coronavirus pandemic as an “attention-grabber”.

Some of the most recent scams and hacks:

  • The 'Emergency - COVID-19 Informator' or 'COVID-19 Inform App'.
For this scam, the attackers compromise home routers with weak admin passwords and change the DNS information. The user is prompted to install the fake COVID-19 informator or Inform App which is the Oski information-stealer. 
What to do: Make sure you are not using a default or weak Home router admin password.
Read source article here.

  • Phishing emails with Ransomware attachments
Phishing emails have been spotted in the wild using ransomware as attachments
Ransomware – a malicious program that encrypts the contents of a hard drive making it impossible to retrieve office documents or pictures unless a ransom is paid.
What to do: Do not click links or download attachments from senders you do not know.
Read source article here.

 

  • Corona Antivirus
With a very enticing name, here comes the fake “Corona Antivirus”.
This fake Anti-Virus promises to keep you safe from the Covid-19 virus using a computer program.
What you get instead : a backdoor that gives the hackers users access to your computer and all your information.
What to do:  Keep your existing antivirus up to date. If you do not have an anti-virus, download and install Microsoft Defender – the Microsoft anti-virus. For Windows 10 or for Windows 7.
Read Source article here.


Additional tips and tricks to stay safe:

  • Wash your hands
  • Stay home and practice social distancing
  • Change your home router password (use a strong password, over 8 characters, numbers, upper lower case letters, special characters)
  • Do not connect to open wireless networks (that do not require a password to connect to)
  • Go to the source: If you need to obtain information or you receive an email that urges you to take action, go to the source. EG: if you receive an email from your bank, check with your bank using the information posted on the banks official website. If you receive an email pretending to come from the cdc , go to the cdc.gov website.
  • Maintain your Operating System (Windows, Mac) up to date by installing the latest updates.
  • Use a reputable Anti-Virus program – Microsoft Defender or Security Essentials is a good start. Keep your anti-virus up to date.
  • If you receive any suspicious emails, please use the “Report Message” button on the Microsoft Outlook toolbar to send us the email.

 

 

Zoom users: beware of 'zoom bombing'

Beware of "zoom bombing": Malicious people are joining zoom calls and sharing very inappropriate videos on the call. We recommend:


Please see Zoom Bombing Prevention for tips and tricks to stop unauthorized users from taking over your Zoom meeting.

CORONAVIRUS SCAMS 3-12-2020

Dear all,

 

We received notification today about the existence of a website (corona-virus-map[.]com) that promises up to date information about the COVID-19 corona virus, but whose real purpose is to infect visitors' computers with malware. This particular site stole an image from the John Hopkins interactive map and will only compromise unpatched Windows systems. However, we can expect other malicious actors to use the current concern about COVID-19 to spread all kinds of malware, via links in email, dangerous attachments, or  infected websites. Some malware will aim for financial gain by installing ransomware or stealing credit card information. Other malware will quietly establish a presence on our network for hackers - potentially sponsored by foreign states - to attack other systems. 

 As always, please be careful about opening any message, link or document that arrives unexpectedly, comes from an unknown source, or leads to a novel destination. Alarmist language, typos and/or inconsistencies can be indicators that there is malware involved. If you have any concerns about the validity of a message, check with the sender first or contact our IT help desk.

Please use official websites such as the cdc website: https://www.cdc.gov/coronavirus/2019-ncov/index.html

Or the official John Hopkins website: https://coronavirus.jhu.edu/map.html

Keep calm and do not react to any emails or voicemails that try to instill panic. As always, forward any suspicious voicemails and emails to abuse@chapman.edu.

Thank you!

02/26/2020 : Subject :Urgent Favor

External Message

 

First_Name,

Are you available?

I need gift cards for a select group of clients and have to send them out in less than an hour. I would provide you with the type of gift cards and amount of each.


Sent from my iPad

 

NOTE: This email originated from outside Chapman’s network. Do not click links or open attachments unless you recognize the sender and know content is safe.

_______________________________________________________________

*InfoSec Note: This is a simulated phish email. Announced in the "Working at Chapman" newsletter sent on 2-24-2020.

02/25/2020 : Subject :Hello---&gt;&gt;;

Sent: Wednesday, February 26, 2020 4:25 AM

Subject: Hello--->>>>

 

External Message

  --

Greetings,

How are you? I want to discuss an important issue with you urgently.

Yours Faithfully,

Miss Rose.

  

NOTE: This email originated from outside Chapman’s network. Do not click links or open attachments unless you recognize the sender and know content is safe.

 

02/18/2020 : Subject :Let’s do this funds transfer

Hello,

Your assistance is needed for funds transfer. A reputable Chambers is conducting a standard process investigation and I would like you to assist with this independent inquiry I am working with this Chambers in partnership. I work in a financial institution where the above mentioned chambers late client’s funds are deposited before his death. We want to work with you please let me know if you are interested.
 
Best Regards,

 

******

*InfoSec note: This is a scam aimed at stealing the victim's bank account information.

09/12/2019 : Subject :Wire Transfer Confirmed

Hello Customer,

This is an alert notice:

A Wire transfer , recently initiated from your bank account (by you or another person), was cancelled by the Federal Reserve Wire Network yesterday.
Please click here to view further information

------------------------------------------------------------------

-H.J Potter, Team Lead

08/09/2019 : Subject :Your mailbox at XXX[@]chapman.edu is 99% full.

From: chapman.edu IT <it[@]chapman.edu>
Sent: Friday, August 9, 2019 8:44 AM
To: Trinh, Dominic <XXXX[@]chapman.edu>
Subject: Your mailbox at XXXX[@]chapman.edu is 99% full.

External Message



Dear XXXX[@]chapman.edu,
You have 5 new held messages marked as important
We have included some of the messages below for your review. Kindly upgrade your mailbox at XXXX[@]chapman.edu. The upgrade process takes few seconds only. Failure to upgrade your mailbox at XXXX[@]chapman.edu would lead to permanent lost of important messages and malfuntion of your mailbox due to lack of enough space for effective function.
If you wish to keep using your emailΙ, kindly cΙick below
You can also manage held messages in your Upgrade Mail-Box Space.




chapman.edu Administrator
This message was sent to trinh@chapman.edu, If you received this message by mistake kindly delete it.



NOTE: This email originated from outside Chapman’s network. Do not click links or open attachments unless you recognize the sender and know content is safe.

 

*InfoSec Note: This is a "classic" email credential phishing. Posing as the IT department, the attacker is aiming to obtain your Chapman University Password and Username.

08/06/2019 : Subject : HELLO!!!

External Message

 Are you available right now?

 NOTE: This email originated from outside Chapman’s network. Do not click links or open attachments unless you recognize the sender and know content is safe.

Information Security Office Note: This is a gift card scam. go to chapman.edu/scams to learn more about different types of scams.

07/29/2019 : Subject :ACH Notification

The link below is a summary of Origination activity for the past 7 days.
Previous 7 Days ACH Notifications ,link removed>

Due to recent security policy changes we no longer attach documents to emails.

If you need assistance please visit our site at APD.com <link removed>

07/25/2019 : Subject :Tutoring

--

Hello,

How are you doing today? This is Jeremy Horton. I saw your contact at the University,<position listed on Chapman.edu>. I seek for a private tutor for my son. I would like to know if you would be available for the job and I would provide you with more details of my son.

 

The lessons could hold at the campus/library or your home, if you staying close to campus.

 

If you would not be able to teach him owing to your busy schedule, you can recommend one of your students or colleagues who is capable of teaching.

 

Looking forward reading from you.

 

Best regards,

Jeremy

________________________________________

*Information Security Note: This is an overpayment check deposit scam.

For more information visit www.chapman.edu/scams

 

07/23/2019 : Subject :CHAPMAN UNIVERSITY Summer Job Alert (REWARDING FLEXIBLE OFFER)

Attention [[-Email-]],

You have received this email as you are selected for shadow shopper review for College and University, You can earn as much as a thousand dollar weekly.

Apply now using the button below.

<link removed>

06/25/2019 : Subject :<No Subject>

External Message

Are you in campus today something happened to me here and I want you to help me out over there ASAP

***Office of Information Security Note: The email pretends to be sent by Dean Jerry Price.****

05/23/2019 : Subject :Generated Message: Activate Now

Dear Client,

Please follow these steps to activate APD Single Sign-On.

The activation is recommended for all APD users and contains imporvement to privacy, compatibility and security.
1. Click myAccess.apd[.]com <link removed>
2. Enter your USER ID and PASSWORD
3. Click Log in and your setup is complete
Thank you,

APD, LLC

05/16/2019: Subject : JOB REFERRAL

Sent: Thursday, May 16, 2019 8:16 AM
Subject: JOB REFERRAL

Hello,
You have received a referral to participate in this shop and earn offer. It is an opportunity to earn up to $1000 weekly. The job is exciting, flexible and will not affect your current job. Don't miss this opportunity. View the enclosed for job details and application.

*Note: Attached to this phishing email is an Adobe pdf with an embedded link. Please do not click the link.

04/16/2019 : Subject : Hello

Are you on campus ?

04/08/2019 : Subject : Purchase Order

Please find attached Purchase Order from Andinanet Trading Co, Ltd. Our standard terms of purchase are attached to this email for your information Please confirm the Purchase Order and revert with the order confirmation within 24 hours.

 

Purchasing Department

Andinanet Trading Co.,Ltd

 

  Document007.pdf  |  1 file  (total 387.5 KB)               VIEW | DOWNL OAD

04/05/2019 : Subject : Unusual Sign-in Activity

Subject: Unusual Sign-in Activity

 


Verify your email ****@chapman.edu
 
 
 


 
We detected a recent sign-in on your e-mail.

Visit your office portal to verify that it was you.

Verify: <removed>

Thanks.

Sincerely,
The Office 365 Support Team

 
 

 
 

 
 

 

 
 
© 2019 Chapman.edu Microsoft
Terms of use Privacy & Cookies

04/04/2019 : Subject : Earn $400 Weekly, Work Part-Time Job

I am <removed>, I am writing you from the General University/College Job Outreach. Are you interested to work as a Personal Assistant/Errands on a part time basis, Pay is Attractive, $400 weekly guarantee.

 

I was working for Rhonda Holmes but I can't work for her anymore because of my busy schedule she needs someone new to help her with the few errands trust me is nothing hectic and I really enjoyed working with her.

 

If you are interested in the position. Send an email to Jane Anderson at :

 

j.anderson101550@gmail.com

 

right away for more information about the position.

 

Regards,

03/26/2019 : Subject: Invoice 72393

From: Ethan Callaghan <EthanCallaghan[@]demo-marketing.com>
Sent: Tuesday, March 26, 2019 10:48 AM
To: <xxxxx@chapman.edu>
Subject: Invoice 72393

 

[name]

I tried to call you last week but you did not answer.
Will you finally pay this or do we have to take legal action?

Invoice 72393

Many thanks.
Thank you.

Ethan Callaghan
Accounting Manager
D.E.M.O. 

03/22/2019 : Subject : Chapman University Re-Evaluated and Up to Date Responsible Use of Technology Resources For All Employees



Letter From The President Dr Daniele C. Struppa, Ph.D.

 

Dear Colleagues:

 

Our aim is to provide guidance and align our behaviors as we make great decisions that impact our daily operations. We rely on our values and this code as guidelines, as a breach of the Policy may result in disciplinary action against the Employee concerned.

 

All employees, including all individuals on full-time or part-time employment with the institution are required to go through the guidelines attached in this email. It is important that we all adhere to these guidelines so you will be helping to ensure a future success of this great institution

 

Thank you for your ongoing commitment to delivering a better and reliable service.

 

 

Sincerely

 

 

Dr Daniele C. Struppa, Ph.D.

President

Chapman University

One University Drive

Orange, CA 92866

Phone: 714-997-6815

Email: struppa@chapman.edu

Confidentiality Notice: The information contained in this communication is privileged and confidential and is intended for the sole use of the intended recipient. If you are not the intended recipient of this email, do not read, distribute or reproduce it (including any attachments). If you have received this email in error, please immediately notify the sender by telephone or email reply.

03/15/2019 : Subject : Chapman University send you this exciting new opportunity

Dear Montana Students, Faculty and Staff:

Attached is a new Document. I have sent it in a secured file, kindly sign in with your email to review.

I look forward to sharing with you additional news on this exciting new opportunity for you.

© 2019 Chapman University
1 University Dr

Orange, CA 92866

03/13/2019: Subject : Admission! Admin Assitant NEEDED


--

Service NEEDED (Admin. Assistant job) Text Dr Hill 781) 214-1052 for information

03/08/2019 : Subject : Are you on campus?

From: Lamuel Day <anthonypittman444[@]gmail.com>
Date: March 8, 2019 at 8:45:50 AM PST
To: xxxx@chapman.edu
Subject: Are you on campus?

Available? 

Dr. Lemuel Day

Associate Professor

Chair, Department of Sociology

Wilkinson College of Arts, Humanities, and Social Sciences; Department of Sociology

03/05/2019 : Subject : Urgent

From: President Incharge <inchargepresident[@]gmail.com>
Date: March 5, 2019 at 8:13:39 AM PST
To: xxxxx@chapman.edu
Subject: Urgent

Are you still available i need your help, I want you to help me out on something important ? 

 I am in a meeting right now and call is not allow here, are you free to help me

Daniele C. Struppa

02/20/2019 : Subject : Received at 02-20-2019 12- 11-50 AM (33 seconds)

CALLER ID: +1 (***) - *** – 3964

Conference phone number:  +1 (***) - *** – 3964

Audio Conferencing PIN: 90259

02/10/2019 : Subject : De-activation of yourusername@chapman.edu in Process

From: Office 365 <security[at]microsoft-essentials-security.com>
Sent: Tuesday, February 12, 2019 9:17 AM
Subject: De-activation of yourusernamehere@chapman.edu in Process

Microsoft Office 365 Email Essentials
Hello Brooke
Confirm Your Email yourusernamehere@chapman.edu

Your incoming messages are queued and pending delivery on your account yourusernamehere@chapman.edu.
We require you to confirm your account with a security challenge to protect your account.
Confirm account


Thanks,
The Microsoft account team

_______________________________________________________________________________________________
This email is for yourusernamehere@chapman.edu
Powered by Microsoft Office 365 Email Essentials

02/10/2019 : Subject : MS.SURVEY.WORK@MSEVAL.COM has shared Directory - Radford University

Care for Store Evaluation Job at any store for $500. Tap the connection underneath for more subtleties: hXXps://bit.ly[/]2szhpo2 Clara Baran

Directory - Radford University
hXXps://www.radford.edu[/]content/radfordcore/home/directory.html#BGJ4XZuFeiyJ1Wzg.03

---
MS.SURVEY.WORK@MSEVAL.COM shared this using Po.st

02/08/2019 : Subject : Chapman ITS notice

From: Anzhelika Kalinina <kalinina[at]uoguelph[dot]ca>
Date: Fri, Feb 8, 2019 at 8:47 AM
Subject: Chapman ITS notice

You have received a new message to you via Blackboard System.
hxxps://www[dot]chapman[dot]edu/blackboard/messagecenter <link removed>


Greetings,
Chapman University System.

02/07/2019 : Subject : Follow up

Thu, 07 Feb 2019 06:01:31 -0800 (PST)
From: Andrew Lyon <andrewlyon342@gmail.com>
Date: Thu, 7 Feb 2019 15:01:17 +0100

 

 

Are you less busy 

01/31/2019 : Subject : ATTN REQUIRED: Paperworks Review

Hi,

 

 

Dr Denise L Telford-Wren sent you an encrypted document. The document has been encrypted using Microsoft OneDrive.

 

Kindly review the document and get back to me if you have any questions.

 

 
 

 
 

View Document  <link removed>
 

 

 

 

 

 Thank You,

 

           

 Dr Denise L Telford-Wren

 Associate Professor

Notify IS&T immediately when you become aware of...


  • Theft or missing computer, laptop or mobile device
  • Breach of sensitive information (social security number, student records, etc.)
  • Any computer infections or spyware
  • Serious system outages