<html dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" id="owaParaStyle"></style><style type="text/css"></style><style type="text/css"></style>
</head>
<body fpstyle="1" ocsi="0">
<div style="direction: ltr;font-family: Tahoma;color: #000000;font-size: 10pt;">
<p class="p1">In this issue:</p>
<p class="p1"><br>
</p>
<p class="p2">1. DNS Changer Follow Up</p>
<p class="p2">2. A New Phishing Attack Seen at Universities</p>
<p class="p1"><br>
</p>
<p class="p1"><br>
</p>
<p class="p2">----------------------------------</p>
<p class="p2">1. DNS Changer Follow Up</p>
<p class="p2">----------------------------------</p>
<p class="p1"><br>
</p>
<p class="p2">According to the FBI and <a href="http://www.cnbc.com/id/47142091">
this news article</a>, hundreds of thousands of users may lose Internet access in July. You may remember the DNS Changer attack last year. Last November, the FBI and other authorities were preparing to take down the infrastructure of rogue servers put up by
the cyber criminals responsible for the attack. When the FBI realized that taking down the servers would affect about 570,000 users worldwide, they decided to replace the servers temporarily until March of this year, giving victims the opportunity to clean
their infected computers. A federal judge then extended the deadline until July.</p>
<p class="p1"><br>
</p>
<p class="p2">The problem started with a vulnerability in Windows, which the criminals took advantage of and were able to convince users to install malicious software. The malware turned off anti-virus updates and changed the way computers reconcile website
addresses behind the scenes on the Internet's domain name system (DNS). The infected computers were reprogrammed to use the rogue DNS servers owned by the attackers. This allowed the attackers to redirect computers to fraudulent versions of any website.</p>
<p class="p1"><br>
</p>
<p class="p2">When these replacement servers are taken down on July 9, the infected computers will lose Internet access, estimated to be around 360,000.
<a href="http://www.dcwg.org/detect/">Learn how you can detect if your computer has been infected with DNS Changer</a>. If you need assistance with cleaning your computer of any virus infections, contact the
<a href="http://ist.mit.edu/help">IS&T Help Desk</a>.</p>
<p class="p1"><br>
</p>
<p class="p1"><br>
</p>
<p class="p2">----------------------------------------------------------</p>
<p class="p2">2. A New Phishing Attack Seen at Universities</p>
<p class="p2">----------------------------------------------------------</p>
<p class="p1"><br>
</p>
<p class="p2">According to the Chief Information Security Office at Brown University, a new phishing attack is being seen by the university and other schools. An email that look like it comes from the school asks the recipient to join the school's "Collaborative
Network." The link in the email takes you to a signup page where you are asked to choose a "WebID" and then provide an email address among other information, including password.</p>
<p class="p1"><br>
</p>
<p class="p2"><a href="http://blogs.brown.edu/cis/2012/04/23/alert-email-from-brown-collaborative-networks/">See the phishing alert by Brown to their users, warning them to not reply to the email</a>.</p>
<p class="p1"><br>
</p>
<p class="p2">Learn more about phishing <a href="http://kb.mit.edu/confluence/x/SBhB">
here</a>.</p>
<div><br>
<div class="BodyFragment"><font size="2">
<div class="PlainText">Monique Yeaton<br>
IT Security Awareness Consultant<br>
Information Services & Technology, MIT<br>
http://ist.mit.edu/security</div>
</font></div>
</div>
</div>
<link rel="stylesheet" type="text/css" href="data:text/css,">
</body>
</html>