Category Archives: Special News

Phishing and Social Engineering

Special News, TechNews, , , ,

Phishing and social engineering campaigns are the #1 source of ransomware and other malware[1].
Phishing is a type of cybersecurity attack where malicious actors send messages pretending to be a trusted person. Social Engineering is the psychological manipulation of people into performing actions like installing malicious software, clicking a malicious link, or divulging sensitive information.

Reduce your chances of your falling victim to phishing attacks!

Beware of messages that:

  • Do not clearly identify themselves or their company
  • Come from an email address that does not match the company’s domain
  • Do not give full contact information such as the title of sender, the company’s physical address, or phone number
  • Make too good to be true offers with no strings attached
  • Ask to pay an upfront fee or asks you to transfer money for them
  • Ask to give your credit card or bank account numbers
  • Ask to send copies of personal documents
  • Remember: DO NOT provide any personal information, especially Social Security numbers or financial information. Legitimate companies would not ask for this information over the phone or email.

If an email looks suspicious, do not respond and do not click on any links or attachments. When available, “Report phishing” to block other suspicious emails.

[1] 2021 Verizon Data Breach Investigations Report (DBIR)

Beware of Disaster Scams

Special News, TechNews, , , ,

Remain vigilant for scams particularly related to disasters and other current events. Recent phishing campaigns include emails with attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with Hurricane Ian-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to Hurricane Ian relief efforts.

In general, avoid clicking links in unsolicited emails, never reveal personal or financial information in email and do not respond to solicitations for this type of information. Always verify the sender of email messages.

For more information about phishing and Internet scams, as well as ways to identify them, please visit our Phishing and Scams resource page

Please send any questions or concerns to Simmons Information Security Officer, Richard Phung, or the Technology Service Desk.

Upcoming Sharkpass Duo Updates

Special News, TechNews, , , , , , ,
Example of a new Duo Push

Simmons Technology will be updating Duo Security — the technology behind Simmons Sharkpass — to the Universal Prompt which will affect the look-and-feel of logging into Simmons resources. 

After this change, a redesigned prompt will be presented to users at the time they login providing a sleeker, more simplified interface. 


Stay tuned! More details to be announced soon.

Ongoing Security Concerns

Special News, TechNews, ,

Many institutions of higher learning are falling prey to an increasing number of phishing attacks.  Simmons is no exception.  Phishing attacks have soared 220%1 since the beginning of the pandemic.  Despite our active monitoring efforts and alerts to the community, too many of us still fall victim.  Breaches of Simmons login credentials this month have resulted in compromised computers used to send even more phishing messages and most recently unlawful access to Workday where banking information was exposed and in one case changed.  Giving up your password to a phishing site has serious consequences.

1https://www.f5.com/company/news/features/phishing-attacks-soar-220–during-covid-19-peak-as-cybercriminal

Sharkpass/DUO Do’s and Don’t

Special News, TechNews, , , ,

While Sharkpass/DUO gives us an edge against cybercriminals, it is not foolproof.  Imposter login websites often include a false DUO page and ask for you to input a code from your DUO mobile app.  Doing so gives up your account to thieves who then have access to your personal information and the ability to direct your paychecks or refunds away from your bank account.  Simmons Sharkpass/DUO page will also only begin with “idp.simmons.edu.”

What else you should and shouldn’t do

Special News, TechNews, , ,
  • Change your password regularly.
  • Report phishing messages you receive in the Gmail menu with “Report Phishing”
  • Don’t forward phishing messages to anyone. Friends and colleagues can fall victim too.
  • Consider using Gmail’s mobile apps on iPhone and Android instead of the provided mail apps.  Gmail’s app presents warnings about suspicious messages and allows you to report phishing messages.
  • Don’t click on links or download attachments from messages you are not expecting.

Remember, real Simmons sites start with idp.simmons.edu!”

What we’ll be doing

Special News, TechNews, , , ,

Simmons Technology continues to review recent incidents and take actions that make our infrastructure safer and less appealing to cybercriminals but there isn’t much we can do if you give away your credentials online.  In an effort to make our login process more secure, we will be doing the following in the near future:

  • Removing DUO mobile passcode, phone callback, and SMS passcode features from Sharkpass/DUO.  Logging in will require utilizing a “Push” to your mobile device.  
  • For those unable to use the DUO Push notification on their mobile app, hardware tokens and security keys will be made available.
  • Implementing a mandatory password reset for the community.  

We realize these measures will cause a small change in the way some of us work and utilize Simmons resources.  We are confident that after a brief adjustment, all will be able to adapt and aid in helping create a safer online environment.  Please stay tuned for more information about these upcoming information security changes.  And please reach out to me or the Technology Service Desk ([email protected] or 617-521-2222) with any questions or concerns.

Thank you,

David Bruce
Vice President, CIO
Simmons University

Wireless Network Performance Improvements

Special News,

Dear Simmons Community:

The return to a campus under construction has introduced some challenges as we learn to adjust temporarily to a higher density environment. As more people congregate, live, and learn in different spaces, our wireless network is struggling to adapt. We have taken steps to configure our wireless network to offer better connectivity and further enhancements are in progress. It is important for Technology to know where and when issues are occurring. You may do this quickly by reporting problems to the Service Desk via our Wireless Network Support form.

Faculty and staff can help improve wireless connectivity for others by utilizing their wired network connections when at their desks. This will also provide the best network experience. Those needing assistance connecting their Simmons laptops to the wired network should contact the Service Desk via our General Support form, or by calling 617-521-2222.

Thank you for your assistance,

David Bruce

Working Remotely: Resources for Staff

Special News,

Simmons Technology has pulled together a list of resources and tools that can help you work remotely efficiently and collaboratively:
https://servicedesk.simmons.edu/articles/?action=showEntry&data=6740

The resource page includes links to working with voicemail remotely, using twinning to forward your calls, Zoom tutorials, and other resources that we think will be useful to you. Whenever possible, we have included links to training and help materials.

The Service Desk is also making extended support hours available for phone support. You can find that and other useful information available on our website, https://servicedesk.simmons.edu