Security Archives - Help Centre /its/help-centre/cat/security/ 杏吧原创 University Tue, 07 Jan 2025 19:06:48 +0000 en-US hourly 1 https://wordpress.org/?v=6.3.1 杏吧原创 Microsoft MFA /its/help-centre/ms-mfa/?utm_source=rss&utm_medium=rss&utm_campaign=ms-mfa Mon, 28 Aug 2023 17:56:34 +0000 /its/help-centre/?page_id=2320 Microsoft MFA is 杏吧原创 University鈥檚 multi-factor authentication (MFA) solution. Once enabled, you will login to 杏吧原创 systems using something you know (your My杏吧原创One password) plus something you have (your mobile phone).

Information For Faculty and Staff

Faculty and staff members are required to configure Microsoft MFA with their MC1 account. Do so by clicking the button below and following the setup instructions in the order provided.

Information For Students

Students will automatically begin seeing prompts to set up MFA when they attempt to log into 杏吧原创 services using their My杏吧原创One password.

Student Enrolment

Student information about Microsoft MFA and their MC1 account

FAQ & More Information

Read and consult our Support and FAQ pages.

]]> Firewall Change Request /its/help-centre/firewall-change-request/?utm_source=rss&utm_medium=rss&utm_campaign=firewall-change-request Fri, 23 Dec 2022 15:33:59 +0000 /its/help-centre/?page_id=2060 ITS is responsible for the management of the enterprise network firewalls. In order to properly maintain the security of the 杏吧原创 University network infrastructure, the configuration of rules on ITS-managed network firewalls must be properly maintained.

Changes to the rule configuration of ITS-managed firewalls must follow the procedures.听 To request a firewall change a must be submitted, this will automatically generate a jira request ticket.

Firewall information page found here

]]> Report Phishing /its/help-centre/report-phishing/?utm_source=rss&utm_medium=rss&utm_campaign=report-phishing Mon, 28 Jun 2021 12:21:01 +0000 /its/help-centre/?page_id=1540 Report Phishing

The Report Phishing button is a Microsoft Outlook Add-in that makes it easy for users to report suspected phishing emails directly to Microsoft and the ITS Security team. The Report phishing button is available in the Outlook desktop app’s ribbon bar and Outlook on the web.

Report Phishing Button

How to use the button:

  1. Select the phishing email
  2. Click the Report Phishing button
  3. A pop-up will appear asking if you want to report the phishing email. Select听Report听辞谤听Don鈥檛 Report.

Regardless of your selection, the email will be deleted from the inbox and moved to the Deleted Items folder.
If you report an email in error, you can retrieve the email from your Deleted Items folder.
Note:听The button will appear in a different location in the Outlook desktop app versus Outlook on the web.

Phishing button 鈥 desktop application:

The phishing button will appear in the main menu at the top right as shown below.

Desktop view of the phishing button: Appears at top right in the main bar menu

Phishing button 鈥 Outlook on the web (browser window):

The phishing button will appear at the top right of an opened email as shown below.听 If you don鈥檛 see it, click the 鈥淢ore actions鈥 menu (鈥)

Online view of the phishing button: shows at top right of an opened email or in the 鈥淢ore actions鈥 menu (鈥)

When to use the Report Phishing button

Click the Report Phishing button anytime you believe you have received a phishing email or any potentially dangerous email. Any messages you report using the Report Phishing button will be automatically deleted from your Inbox and moved to the Deleted Items folder. The emails you report will also be forwarded鈥痶o the ITS Security team to help identify phishing campaigns and to Microsoft’s cloud-based detection engine to improve filtering for others.

Note:听This button should only be used to mark emails with malicious intent. Other听nuisance听emails, such as spam or marketing emails, should be flagged using the 鈥淛unk Email鈥 feature.

When in doubt, please contact the ITS Service Desk for assistance.

Additional Information

What is phishing:

Emails, text messages or phone calls that attempt to trick the recipient into providing information or taking an action. Pause and think before responding or taking action. The attackers are after your passwords, financial info, identity, or money. The reason behind falling for these scams are urgency, desire to please, greed, curiosity, complacency, fear and that is why 1 out of 10 attempts is successful.

How to spot a phishing attack:

Attackers might send emails, text messages, use phone calls, or post messages online in a phishing attack. They might include malware on the website or in an attachment, trying to take over your computer. They can also make fake websites that can ask you to log in, trying to steal your username and password. Hover over the link to see if it is the correct link. Only open attachments that you are expecting and check the file extension (Avoid EXE, COM and VBS).

Common warning signs for phishing:

  • If an email appears to come from someone at the University, but has an [External Email] tag, it may be a phishing message. Be extra careful on mobile devices where it may not show the email address.
  • The subject line is in ALL CAPS.
  • If an email appears to be sent to a long list of people and not just to you.
  • If the email uses a generic greeting, or uses your email address in the greeting. e.g. Dear user, or Dear abc@carleton.ca
  • The message asks you to send money, Bitcoin, gift cards, checks, etc.
  • Asks you for your password or directs you to a website asking for your password (or personal information).
  • There is a call for immediate action 鈥 鈥渄ownload this now鈥, 鈥渃onfirm your email identity now鈥 or 鈥渃lick on the link below鈥.
  • Tries to invoke an emotional response to get you to take an action without thinking.
  • There are spelling or grammatical errors in the email.

Links

  • For more information on scams and how to protect yourself, visit the听.
  • A complete course on phishing:
  • A short course on phishing:
  • Test your phishing detection skills:
]]>