Service Announcements

Alerts Intro Text

UNH IT reserves 8:00 AM - 12:00 PM every Sunday as a standard maintenance window. During this time, UNH IT systems may be unavailable.

 

Wednesday, August 12, 2020 - 10:41am

A legitimate email has been sent by Microsoft Audio Conferencing.

Email Subject = You now have Audio Conferencing for Microsoft Teams or Skype for Business Online – Here is your dial-in information and PIN

If you are concerned about the validity of this message, you can read more in the IT Phish Bowl.

Friday, August 17, 2018 - 8:31am

 Updated on Thursday, July 5, 2018 - 12:45pm

UNH users are currently being targeted with a phishing attack with subject “LAST WARNING – Email Notification”.  This email was sent from a valid UNH email account.

For more details, please see The PhishBowl: https://www.unh.edu/it/news/2018/07/phishing-email-subject-last-warning-email-notification-username-removed

New, Thursday, January 25, 2018 - 3:54pm

Due to several recent events including multiple spear phishing attacks targeting UNH students, UNH is experiencing a high volume of student accounts being used to send spam and phishing emails.  When a student email account is found to be sending unauthorized emails, the students email account is locked and their UNH account is secured.  Once an account is secured, students are unable to access any UNH resources including myCourses and WebCat until they contact the UNH IT Service Desk or visit the Academic Technology Service Center in Dimond library.  Unfortunately, at this time, restoration of UNH access does not unlock the student email account and it may take several days for students with locked email accounts to regain the ability to send email.  
 
Based on the issues outlined above, UNH IT is asking all UNH students to change their UNH password immediately.  This is the best way to ensure you do not lose access to any UNH resources during the remaining of finals or during winter break.
 
It is important that students follow the instructions found on the following UNH IT web page. You can get to this page by copying and pasting this URL (https://www.unh.edu/it/news/2017/12/security-alert-password-change-requi...) into your browser.  Following the instructions outlined at this URL will ensure your UNH password is changed across all UNH systems that utilize it.   
 
For more information, visit the FAQ page located at this URL (https://www.unh.edu/it/information-security-services/unh-student-passwor...).
 
The URLs are provided as plain text so you can see the final destination and recognize that it is hosted on a UNH website at www.unh.edu.
 

New, Friday, December 15, 2017 - 2:13pm

 Posted on Wednesday, November 29, 2017 - 11:08am

UNH IT has received reports of a phishing email targeting all UNH users that seeks to obtain UNH usernames and passwords via a fake Outlook Web Access log in page. The subject of the email is "Message from Human Resources Department" and the email may come from a UNH email address.

If you received this email, please delete it.

If you clicked the link and entered your UNH credentials, please call the UNH IT Service Desk at 603-862-4242 for immediate assistance.

New, Friday, December 15, 2017 - 2:14pm

 Posted on Wednesday, November 29, 2017 - 8:35am

 

UNH IT has received reports of a phishing email targeting students that seeks to obtain  UNH username and password. The subject of the email is "UNH Alert".

If you received this email, please delete it. If you clicked the link and entered your UNH credentials, please call the UNH IT Service Desk at 603-862-4242 for immediate assistance.

Email Text

Links in text have been removed and are underlined here for reference.


We have received a request from you to delete your email permanently.

Your request is being processed, and in less than 24 hours it will be effected.

If you did not make this request, click here and sign back in to avoid automatic closure.

Thanks.

University of New Hampshire


 

New, Monday, November 20, 2017 - 10:23am

 Updated on Wednesday, November 15, 2017 - 8:40am

UNH Information Security Services has become aware of a phishing attack. The message references that "your mailbox has exceeded the storage limit set by your administrator" and seeks to obtain user credentials. The subject line of the message is: Your mailbox is almost full

If you clicked the link and entered your UNH credentials, please call the UNH IT Service Desk at 603-862-4242 immediately for assistance.

For the text of the email, please review the post related to this phishing attack on The Phishbowl: https://www.unh.edu/it/news/2017/11/phishing-email-subject-your-mailbox-is-almost-full

 

 

Tuesday, November 14, 2017 - 9:19am

 Updated on Wednesday, November 8, 2017 - 8:26am

UNH Information Security Services has become aware of a phishing attack. The message references "a request from you to delete your email permanently" and seeks to obtain user credentials. The subject line of the message is: ALERT!!

Students: if you clicked the link and entered your UNH credentials, you need to reset your password.

Employees: if you clicked the link and entered your UNH credentials, please call the UNH IT Service Desk at 603-862-4242 immediately for assistance.

For the text of the email, please review the post related to this phishing attack on The Phishbowl: https://www.unh.edu/it/news/2017/11/phishing-email-subject-alert

Wednesday, November 8, 2017 - 8:25am

 Updated on Tuesday, October 31, 2017 - 3:28pm

UNH Information Security Services has become aware of a phishing attack. The message references "the New 2017 Microsoft Outlook Web portal" and seeks to obtain user credentials. The subject line of the message is: Compulsory Outlook Update.

If you clicked the link and entered your UNH credentials, you must call the UNH IT Service Desk at 603-862-4242 immediately for assistance. 

For the text of the email, please review the post related to this phishing attack on The Phishbowl: https://www.unh.edu/it/news/2017/10/phishing-email-subject-compulsory-outlook-update 

New, Wednesday, October 11, 2017 - 1:27pm


 Updated on Thursday, October 5, 2017 - 2:39pm

UNH IT has received reports of a phishing email that attempts to obtain user credentials with UNH-branded Outlook Web Access log in page.  This attack is targeting both students and employees and may indicate it was sent from a wildcats.unh.edu email account. 

The subject of the email is "Meeting Alert!"

Students, Faculty, or Staff who entered their username/password on the Phishing email/attack MUST contact the IT Service Desk at 603-862-4242.

Please visit https://www.unh.edu/it/the-phishbowl for up-to-date information.

Monday, October 2, 2017 - 9:37am

 Updated on Friday, September 22, 2017 - 12:33pm

Earlier this week, Cisco Systems’ Talos group determined that some versions of the widely-used CCleaner application are compromised.  While use of the impacted version is not believed to be wide-spread across UNH, it is important that all devices using this application be checked and those that are affected, be remediated. 

Details about this compromise and remediation instructions are available in the security alert posted to the ISS website earlier today. https://www.unh.edu/it/news/2017/09/security-alert-ccleaner-compromise

Due to the nature of this threat, it is important that ALL impacted devices be reported to the UNH IT Service Desk and remediated according to the process they provide.  ATLs, Desktop Consultants, and other first-level support personnel should not attempt to remediate this issue prior to contacting the Service Desk.

Monday, September 25, 2017 - 1:09pm

 

 Updated on Wednesday, September 20, 2017 - 8:20am

UNH Information Security Services has become aware of a phishing attack targeting faculty and staff. This mail references the 2017 Payroll Schedule and seeks to obtain user credentials. 

While additional incoming emails have been blocked, faculty and staff who have already received this email may still be impacted by this event. Anyone who received this email should delete it from their inbox. If you clicked the link and entered your UNH credentials, you need to call the UNH IT Service Desk at 603-862-4242 immediately for assistance. 

For the text of the email, please review the post related to this phishing attack on The Phishbowl: https://www.unh.edu/it/news/2017/09/phishing-email-subject-payroll-schedule-calendar-is-now-available 

 
Monday, September 25, 2017 - 1:10pm

 Updated on Tuesday, September 19, 2017 - 8:54am

UNH Information Security Services has become aware that there is an on-going phishing attack targeting students.  The attack was launched using a valid @wildcats.unh.edu email account and seeks to obtain student user credentials by informing them that use of their email has been suspended.  While additional incoming emails have been blocked, students who have already received this email may still be impacted by this event.  Any student who received this email should delete it from their inbox.  Students who clicked the link and entered their UNH credentials need to call the UNH IT Service Desk at 603-862-4242 immediately for assistance.  

For the text of the email, please review the post related to this phishing attack on The Phishbowl - https://www.unh.edu/it/news/2017/09/phishing-email-targeting-students-subject-mailbox-limit-exceeded.

New, Wednesday, September 13, 2017 - 1:56pm

 Posted on Friday, September 8, 2017 - 10:52am

Equifax, one of the nation’s largest American credit agencies, announced on Thursday, September 7, 2017 that it is the latest to suffer a mega-data breach from a cyberattack. More than 143 million people could be affected. Details: https://www.unh.edu/it/news/2017/09/equifax-data-breach

Friday, July 28, 2017 - 8:17am

 Updated on Thursday, July 6, 2017 - 4:25pm

The link in this phishing attack opens a fake UNH branded Outlook Web Access log in screen in an attempt to steal user credentials.   

Additionally, when the link is clicked, a file or files are written to the user's device and information about the cookies stored in the user's browser are collected.  

Users who clicked this link need to take the following steps immediately:

  1. Notify the UNH IT Service Desk at (603) 862-4242 or Information Security Services if the user entered their credentials into the log in screen.
  2. Run an anti-malware scan on the device they were using when they clicked on the link from this email.
  3. Clear the cache on the browser being used when the link was clicked.
  4. Change the password on any account they have logged in to using that browser.

Text of the email can be seen on The Phishbowl - https://www.unh.edu/it/news/2017/07/phishing-email-subject-tech-solutions

 

Friday, July 28, 2017 - 8:17am

 Updated on Wednesday, July 5, 2017 - 3:12pm

UNH Information Security Services (ISS) is aware of a phishing email that has rapidly spread across campus.  The subject of the email is “IT Service Desk” and the full text of the email is available on The Phishbowl (https://www.unh.edu/it/news/2017/07/phishing-email-subject-it-service-desk).

When clicked, the links in this email take the user to a very convincing UNH branded Outlook Web Access log in page.  The device of any user who clicks either of the links in the email should be scanned for malware immediately.  Additionally, any user who enters their credentials must have their account secured.  

For assistance please contact the UNH IT Service Desk at (603) 862-4242.

New, Monday, July 10, 2017 - 12:07pm

 Posted on Tuesday, June 27, 2017 - 1:05pm

UNH IT has been alerted to a new, global ransomware event with the potential to impact UNH users.  On Tuesday, June 27, a new variant of the Petya ransomware strain began infecting computers across European countries including UK, Ukraine, Spain, and the Netherlands.

As of this posting there have been no reports of impacted devices at the University.  This strain of ransomware, which spreads like the Wannacry strain, only affects Windows devices that do not have the appropriate patches installed.

Information on how to determine if a device is vulnerable and details on the patches that address this vulnerability is available in the UNH IT Knowledge Base.

ISS will continue to monitor this evolving event and provide updates and additional information if appropriate.

 

New, Monday, June 19, 2017 - 10:30am

 Posted on Monday, May 15, 2017 - 11:55am

UNH IT has been made aware of a large list of email address and password combinations that have been publicly posted.  These publicly posted credentials appear to be an aggregation of data from several breaches at third-party companies.  We are alerting the UNH community because this list includes UNH email addresses.
 
We are currently analyzing the list to identify all active UNH users whose email addresses are impacted.  Active UNH users whose accounts are on this list will be contacted and required to change their passwords.
 

New, Wednesday, May 17, 2017 - 10:05am

 Updated on Friday, May 12, 2017 - 4:55pm

UNH IT has been alerted to a large-scale ransomware event with the potential to impact UNH users.  On Friday, May 12, a new variant of the ransomware strain WannaCry began infecting computers around the globe.  While there have been no reports of this ransomware affecting any devices at the University as of this posting, the virulent nature of this strain is cause for concern. 

If your UNH device is managed by IT/ConfigMan, the patch that protects against this Windows-based infection was pushed out earlier this Spring and has been applied to your device if it has been turned/off or rebooted recently.  If you are not sure when you last rebooted your device, please restart to ensure the patch is applied.

If your UNH device is not managed by IT, ensure your Microsoft Updates are all up-to-date.

Friday, May 12, 2017 - 4:59pm

 Updated on Wednesday, May 3, 2017 - 4:08pm

UNH IT has received reports of a phishing attempt with the subject line “[Person’s Name] has shared a document on Google Docs with you”.  The name of the person may be different than the name in the screenshot below.

The message attempts to gain access to Google accounts. 

If you received this message, please delete the message.

If you clicked on the link and followed the instructions:

  1. Go to your Gmail accounts permissions settings at https://myaccount.google.com/permissions.
  2. Remove permissions for “Google Docs,” the name of the phishing scam.
  3. Change your password.

If you cannot log in to your Google account, visit Google’s Account Help page https://support.google.com/accounts/answer/58585?hl=en&ref_topic=3382296

 

Snapshots of the email message:

Wednesday, May 3, 2017 - 4:15pm

 Updated on Monday, April 24, 2017 - 1:56pm

UNH IT has received reports of a phishing attempt with the subject line “We’re Adding Some New Maintenance” and appears to be from the UNH HelpDesk.

The message attempts to gain access to your UNH credentials by linking to a webpage that asks for your UNH username and password.

If you received this message, please delete the message. If you clicked on the link and entered your username and password, please contact the UNH IT Service Desk immediately at 603-862-4242.

Snapshots of the email message and the fake login page can be viewed below: