CIS Staff Technology Blog

 Blog Archive

Blog Posts

Classroom Pilots Spring 2024

Introducing Hybrid Classrooms to Campus

In an effort to support additional modes of teaching on campus, Technology Support Services (TSS) and Educational Technology & Media (ETM) are working together to pilot three hybrid/remote classrooms, to develop a long-term plan for providing support and to continue to add more hybrid paces on campus.

The current classrooms that have new equipment are:

  • Cremona 202

  • McKenna 118

  • Demaray 356

Each space is a pilot outfitted with slightly different configurations to allow TSS & ETM to learn what works well in these spaces and also to learn which technology solution(s) teachers can also smoothly integrate into their teaching methods. In this post, we will introduce you to the technologies installed in these spaces so you can be thinking about how you might utilize these features in your own teaching.

About the Rooms

Both Cremona 202 and McKenna 118 were selected in response to faculty setting up their own conferencing hardware for Zoom hybrid classes during Covid-19. To meet user needs, TSS partnered with ETM and began to develop a plan to see how we could integrate these technologies and make them part of our standard classroom model.

Cremona 202

This room contains our standard podium setup, but also has a TV mounted in the front of the room with a Logitech Conference Bar; which is an all-in-one solution with a camera, microphones, and speakers. Additionally, there is a touchscreen controller which can be used to control Zoom sessions. The Logitech camera captures a view of the whole room, instead of solely focusing on the professor. The TV acts as a secondary screen to show remote participants.

This space contains two separate systems and you may not have the room flexibility you may want due to how furniture and the room are configured.

In this space, the professor would join the Zoom meeting on the touch screen controller and plug in their SPU-provided laptop or use the podium PC to display slides. Thus, this room has two different connections to the class Zoom meeting; one to display content to in-person and remote participants, and the other for the audio and video communication with the remote students, from two different accounts.

Please note: the “second” account would be the room itself; users can start the meeting from the touch screen controller or use the meeting code to join the meeting with the touch screen controller. If you would like to read more about this configuration, please see our documentation here.

Cremona 202 Hardware

TV and logitech conference bar in Cremona 202Logitech Tap Controller

Cremona Camera View

Logitech bar Camera Room View in Cremona 202

DLMH 118

Like Cremona 202, there are separate TV and Logitech hybrid components in the room, but they are mounted on a cart instead of the wall.  This allows the instructor to re-arrange the furniture in a variety of ways that Cremona may not be able to, providing for more flexibility.

 

This room is outfitted with the same hardware, plus an additional camera to capture the professor directly, with a supplementary microphone pod to improve the audio capture of in-person students for class discussions. These additions are due to DLMH118 being a larger space than CREM102.

McKenna/DLMH Hardware:

Microphone Pod in DLMH 118DLMH 118 Additional Camera

DLMH Hardware Pictures

Logitech Rally Bar Camera view in DLMH 118

Additional Camera View DLMH 118

Demaray 356

This classroom has a completely re-designed the podium setup, allowing for instructors to plug-in a laptop to display content with the projector. Instructors can also choose to connect the mounted camera and belt pack microphone to their laptop and run both the Zoom meeting and in-person classroom simultaneously.

 

The intention behind this design is to make streaming or recording a lecture easier, though it will not capture the audio or video of students. This is due to the class being tailored to ensure that remote participants can hear and see the professor, rather than to provide a more hybrid-like classroom experience. With those details in mind, ETM encourages instructors to consider how the space works within the mode in which you’d like to teach.

Demaray Hardware:

Belt Pack Microphone in Demaray 356Demaray 356 Mounted Camera

Demaray Camera View

Demaray 356 Camera view of room

About the Pilot Process

Pilot rooms exist as opportunities for TSS and ETM to invest and test innovative technologies and/or room designs with the Office of the Registrar and Facilities. These pilots allow TSS and ETM to respond to instructor teaching goals and to the needs expressed on campus.

The final versions of hybrid rooms for some spaces may change before other rooms are converted on campus. For that reason, ETM and TSS would like to request your feedback on the technologies in these spaces as such feedback will be a vital component in how we plan classroom upgrades and choose which features to introduce within the budget we have.

Even in nonpilot spaces, your feedback and perspectives are important.

Past surveys have indicated there is a need to improve the technologies in classrooms and to provide enhanced features, such as instructor audio and video recording, or alternatively, to provide student audio and video recording. In our current pilots, we opted to address these needs while working within the budget that is available. In our continued work to address these concerns and to provide an enhanced classroom experience, it will be necessary to look for creative solutions to save money for the classrooms spaces we support and to look at how we could introduce more of these spaces, like DLMH, on campus.

Providing Feedback

If you would like to view additional details about each of these spaces, please view Hyflex Classrooms.

If you have ideas on what this could look like or you would like to learn more, we encourage you to reach out to the TSS Director, Karen Park at kpark@spu.edu or to the Assistant Dean for Instructional Design and Emerging Technologies, John Robertson at rjr@spu.edu.

If you would like to provide input on our standard classroom designs and learning space standards now.

Matthew Migration

All files previously stored on Matthew should now be migrated to SharePoint or be in read-only mode for a short while until the old storage platform is retired. If you still rely on access to any files on Matthew, please contact cis-bst@spu.edu so you don’t lose access to those files.

Zoom Client Upgrade

Zoom will be deprecating older versions of the Zoom client over the next few months.  To prevent disruption, we have updated academic computers and podiums with the latest version and have made the new version available in Software Center.

We recommend you ensure your computer is setup to receive automatic updates and is on the latest version of the desktop client. To check the version you have installed or to download the latest version, please take some time now to make sure your computer is ready by following the steps below:

  1. Once signed in, select your profile photo in the top right corner.

  2. Select Check for updates. If there are updates available, Zoom will download and install. 

If you have additional questions or concerns, please reach out to the CIS HelpDesk at help@spu.edu or at 206-281-2982.

Classrooms and Labs

Demaray 356 Updates

Demaray 356 is transitioning into an integrated hybrid pilot classroom! This pilot room space will be used to test a new integrated hybrid system. Previously installed hybrid classrooms did not have an integrated PC with the system, whereas the new system being trialed has an integrated system that you can plug your laptop into.  

If you’re interested in learning more about how the room works or would like to have a demo of the classroom, please reach out to CIS at help@spu.edu!

Academic PC Software

CIS is in the process of rolling out Windows 11 for all of campus! We are also collecting software requests for fiscal year 2024-2025.

For questions or concerns regarding the Windows 11 rollout and how it may impact academic lab spaces and/or classroom podium pcs, individuals can collate their requests for their department via submitting software requests form here: Software Requests ‘24-25.

If you are concerned about specific software compatibility with Windows 11, such as specialty hardware or legacy software, please complete the form linked above.

As a reminder, we encourage you to reach out the CIS HelpDesk if you have any questions or concerns at help@spu.edu.

Introducing Windows 11
Windows 11 plus Logo, over blue wave background

Deployment for Windows 11 devices has begun! It has been announced that Microsoft will cease support for Windows 10 by the end of 2025, so CIS is proactively initialing our Windows 11 deployment process to stay ahead of the curve.

While Windows 11 has been available for a couple of years now, we understand that it may be new to some of you who have not yet upgraded. Our goal is to ensure a smooth and comfortable transition for all users. With this, you can find many helpful resources below!

Windows 11 Wiki Documentation

Documentation for Windows 11 is now available on the SPU Wiki as we begin processing deployments. This may serve as a valuable resource for anyone needing guidance on navigating the new system. Additionally, we have provided walkthrough videos to assist you in familiarizing yourself with Windows 11.

Microsoft Copilot

We are also going to introduce Microsoft Copilot, and encourage faculty and staff to consider leveraging this powerful AI tool within their work processes. Copilot can significantly enhance workflow efficiency, and understanding its functionality is increasingly valuable in today's AI-driven landscape. Documentation for Copilot is also accessible on the SPU Wiki for those interested in learning more.

Upgrade Checklist

To ensure a seamless transition during the deployment of updated Windows 11 devices, we've prepared a checklist for you to review before your visit to the HelpDesk. Once you've completed the checklist, there will be a link to schedule an appointment to receive your upgraded Windows 11 device. Please note that your previous laptop will be retained for one week to ensure that all data has been transferred successfully.

Faculty and Staff will be notified by the HelpDesk when to begin preparing for their device upgrades via email. 

Windows 11 and Copilot Tips and Tricks

As deployment commences, we will be posting a weekly series of tips and tricks to help guide you through the transition and discover new efficient ways to enhance your work productivity. You can find the series of tips and tricks for Windows 11 and MS Copilot below:

 Tip 1: Snap Layouts

Similar to Windows 10, Windows 11 features Snap Layouts. While you can still drag windows to the sides and corners for half- and quarter-screen layouts, Windows 11 introduces a new hover menu over the Maximize button, offering various layout options.

snap-hoverblog.png

For instance, you can choose to have one large window on the left and two stacked on the right or opt for three windows in a row. The available choices depend on the size of your display.

To select your preferred formation, simply click and then arrange your apps accordingly. If you’d prefer, you can disable this behavior in Settings. Additionally, there are keyboard shortcuts available for quickly snapping windows. For example, pressing Windows Key-Left Arrow snaps a window to the left half of the screen.

For more information, please refer to the Snap Layouts and Snap Groups wiki page.

 Tip 2: Virtual Desktops

Virtual desktops are designed to help users organize windows and enhance multitasking, similar to how snap layouts work. Virtual desktops offer a flexible workspace where users can group related tasks or applications together, switch between different projects or workflows seamlessly, and maintain a clutter-free desktop environment. With virtual desktops, users can efficiently manage their workflow and productivity by allocating specific applications or tasks to different desktops, thereby streamlining their work and optimizing their desktop experience.

Microsoft has replaced the old Task View button with a redesigned icon on the taskbar, making it easier to create and manage multiple desktops in Windows 11. Hovering over the icon reveals any open virtual desktops or allows you to create a new one effortlessly.

taskview.png

These desktops can then be rearranged as needed, and apps from one desktop can be seamlessly dragged into another. You can also toggle between multiple desktops with ease by using the shortcut Ctrl + Win + Left/Right Arrow.

In Windows 11, you also have the option to use different wallpapers for each virtual desktop. Simply right-click on the desktop, choose Personalize, then Background, and select a unique image for each desktop. It's important to note that this feature only applies to the Background choice and not to Themes. If you select a Theme, it applies to all virtual desktops; however, you can still customize the background per desktop after applying a theme. When you make this adjustment, you'll notice a smooth cross-fade effect between the two backgrounds when switching between virtual desktops.

For more information, please refer to the Virtual Desktops wiki page.

 Tip 3: Customize Taskbar

The most noticeable change in Windows 11 is the relocation of the Start button. Traditionally situated in the lower-left corner of the screen, it's now centered along with the other icons on the taskbar.

However, if you prefer the classic layout, you can easily revert it. To do so, simply right-click on the taskbar and choose Taskbar Settings. From there, select the Taskbar Behaviors drop-down menu and adjust the Taskbar Alignment to Left.

taskbar settings.png

By making this adjustment, your taskbar icons will shift to the left, and the Start button will return to its original position. Additionally, you can further personalize your taskbar by pinning and adjusting apps. For more advanced customization options, refer to the taskbar personalization settings within the Settings app. To access these settings, navigate to Settings > Personalization > Taskbar.

For additional information and guidance, please refer to the Start Menu and Taskbar wiki page.

 Tip 4: Sticky Notes

Sticky Notes in Windows 11 serve as versatile digital reminders and note-taking companions, seamlessly integrated into your desktop experience. Accessed via the search bar or the Windows Accessories folder, Sticky Notes can provide a convenient platform to jot down quick thoughts, to-do lists, and important reminders right on your desktop. With a simple click or shortcut (Ctrl + N), you can create new notes, which can be easily customized in terms of color, size, and text formatting to suit your personal style and organizational preferences. What sets Sticky Notes apart is their seamless synchronization across devices through your Microsoft account, ensuring that your notes are always accessible whenever and wherever you need them, whether you're on your PC, tablet, or mobile device.

stickynotes.png

Furthermore, Sticky Notes offer advanced features to enhance your productivity, such as insights and keyboard shortcuts, accessible through the settings menu. By pinning notes to your desktop or keeping them minimized in the taskbar, you can keep essential information at your fingertips without cluttering your workspace. To get to the Sticky Notes settings menu, Right-Click on the Sticky Notes app within the taskbar and then go to Settings.

stickysettings.png
 Tip 5: Snipping Tool

Use the snipping tool to take quick photos or screenshots (WIN+SHIFT+S).

The Snipping Tool in Windows 11 is a versatile and user-friendly tool designed to capture and annotate screenshots with ease. Accessible through the Start menu or by searching, the Snipping Tool offers various snipping modes, including rectangular, freeform, window, and full-screen, allowing you to capture exactly what you need with precision and flexibility. With its intuitive interface, you can quickly capture screenshots of specific windows, regions, or the entire screen, providing a seamless way to document and share information.

st icon.png

Once captured, the Snipping Tool offers a range of annotation tools, including pens, highlighters, and text boxes, enabling you to add notes, highlights, and explanations directly onto your screenshots. Whether you're highlighting key information, circling important details, or adding context to your screenshots, the Snipping Tool empowers you to communicate effectively and efficiently. Additionally, you can save your snips in various formats, including PNG, JPEG, and GIF, or easily share them via email, messaging apps, or social media platforms, making collaboration and communication a breeze.

st bar.png
 Tip 6: Keyboard Shortcuts

Keyboard Shortcuts in Windows 11 offer numerous benefits for users:

  1. Efficient Navigation: Shortcuts enable quick navigation between applications, windows, and virtual desktops.

  2. Streamlined File Operations: Shortcuts make common file operations like copying, cutting, and pasting faster and more convenient.

  3. Enhanced Window Management: Users can efficiently manage windows with shortcuts like snapping windows to the sides of the screen.

  4. Access to System Functions: Shortcuts provide swift access to essential system functions and settings, improving overall usability.

  5. Accessibility: Shortcuts can enhance accessibility for users with disabilities, enabling alternative methods for interacting with the system.

Overall, mastering Keyboard Shortcuts in Windows 11 leads to increased productivity, improved workflow efficiency, and a smoother computing experience for all users.

To view a compiled list of keyboard shortcuts, please refer to the Keyboard Shortcuts wiki page.

 Tip 7: Focus Sessions

Amidst the constant stream of messages and video chats taking place throughout the workday, maintaining focus can be challenging. Focus Sessions in Windows 11 can provide a solution by encouraging users to allocate dedicated time for uninterrupted, deep work. Accessible through the Clock app, this feature offers a convenient method to schedule distraction-free work time. Additionally, if your session extends beyond 45 minutes, the app automatically schedules a five-minute break, strategically placed midway through the session to help maintain productivity.

clock settings.png

Furthermore, users have the flexibility to customize their Focus Sessions experience. Options include setting up the Do Not Disturb mode, temporarily silencing notifications, and integrating a to-do list to provide additional context for the focus session.

For additional information and guidance, please refer to the Focus Sessions wiki page.

 Tip 8: Curate Context with AI

When curating context for working with Chat AI like Microsoft Copilot, it's essential to provide ample information and feed it with references to enhance its understanding. Here's a summary of key points to effectively curate context:

  • Detailed Information: Furnish Copilot with comprehensive details regarding the task, problem, or topic at hand. The more information you provide, the better Copilot can comprehend and generate relevant responses.

  • Clear Objectives: Clearly outline your objectives and expectations to Copilot. Specify what you aim to achieve or the outcome you desire from its assistance. This clarity helps Copilot tailor its responses accordingly.

  • Specific References: Supply Copilot with references relevant to the subject matter. These could include documents, articles, code snippets, or any other resources pertinent to the task. Referencing allows Copilot to draw upon existing knowledge and context to produce accurate and insightful outputs.

  • Contextual Insights: Provide contextual insights or background information related to the task or conversation. This could include historical data, previous discussions, or any relevant context necessary for Copilot to understand the current situation better.

  • Feedback Loop: Establish a feedback loop to refine Copilot's understanding and performance over time. Provide feedback on its responses, correct any misunderstandings, and offer guidance to help Copilot continuously improve its capabilities.

By following these guidelines and actively curating context, you can maximize the performance and effectiveness of Chat AI like Microsoft Copilot, enabling it to provide more accurate, relevant, and valuable assistance in various tasks and scenarios. Always keep in my mind that AI is continuously learning and should never be assumed as accurate right away.

In the next tip, we will discuss in more detail what it means to use AI as a collaborate tool rather than a standalone solution.

 

 Tip 9: Collaborating with AI

As mentioned in the previous tip, AI is continuously learning and should never be trusted right away. By feeding it resources and curating context creates better results you can expect. With this, AI should be considered as a collaborative tool instead of a standalone solution. Here are some key strategies for collaborating effectively with AI:

  • Sequential Questioning: Engage in a dialogue with AI by asking sequential questions. This approach helps in building context gradually and allows AI to understand the problem or task more comprehensively. Each question can build upon the previous one, leading to a deeper understanding of the topic.

  • Specific and Detailed Requests: When interacting with AI, provide specific and detailed requests. Clearly articulate what you need assistance with, including any relevant parameters or constraints. Specificity helps AI generate more accurate and relevant responses tailored to your requirements.

  • Utilize Follow-Up Auto Suggestions: Take advantage of AI's follow-up auto suggestions feature. These suggestions can offer additional insights or alternative approaches related to your current context. Evaluating and incorporating these suggestions can enhance the quality and diversity of the generated outputs.

  • Adjust Tone and Narrative: Adapt your tone and narrative to facilitate optimal communication with AI. While maintaining clarity and professionalism, consider adjusting your language to suit AI's understanding and communication style. A conversational tone can foster a more natural interaction and improve the collaborative process.

By employing these strategies when collaborating with AI, such as Microsoft Copilot, you can enhance communication, improve understanding, and effectively leverage AI capabilities to accomplish tasks more efficiently and accurately.

 Tip 10: Task Efficiency with AI

After establishing a curated library of context and resources for AI utilization and adopting an approach that treats AI as a collaborative tool in the tip above, you can harness its power to enhance various aspects of your workflow, thus fostering greater efficiency in your work. Here are some compelling ideas to consider when integrating AI into your workflow:

  • Streamlined Communication: Utilize AI to generate emails or create email templates, facilitating more efficient and effective communication with colleagues, clients, or stakeholders.

  • Project Management Support: Leverage AI to create project timelines and develop meeting agendas, aiding in better organization and coordination of tasks and discussions.

  • Presentation Assistance: Utilize AI to help create PowerPoint presentation slides along with generating presentation scripts to ensure professional and engaging delivery of information.

  • Data Analysis and Insights: Use AI to analyze large datasets and derive meaningful insights for informed decision making. By providing AI with the necessary data, you can collaborate within the chat box to retrieve the best insight or to provide more ideas.

By incorporating these ideas into your workflow and effectively leveraging AI capabilities, you can streamline processes, improve productivity, and ultimately achieve better outcomes in your work endeavors. Before finalizing any outputs generated by AI, remember to review them meticulously for accuracy and coherence, ensuring that the content aligns with your objectives and expectations.

For more information specifically about Microsoft Copilot, please refer to the Microsoft Copilot SPU wiki page!

 Tip 11: AI Hub

Now that you have a strong understanding of how to utilize chat-based AI technologies such as Microsoft Copilot, you can further expand your knowledge of AI within the new AI Hub within the Microsoft App Store.

The AI Hub is a curated library featuring a diverse range of AI-powered applications developed by both the developer community and Microsoft's innovative teams. Its core mission is twofold: to educate users on the transformative capabilities of AI and to showcase practical applications that can revolutionize productivity and spur creativity.

hub.png

The AI Hub helps guide users through the intricacies of AI technology and demonstrates its real-world utility. Through carefully selected apps, the Hub illustrates how AI can streamline workflows, automate mundane tasks, and unlock new realms of creativity. Whether it's harnessing AI-powered photo editing tools to enhance images or leveraging intelligent assistants for seamless organization and communication, the Hub aims to empower users with the knowledge and tools they need to thrive in an increasingly AI-driven world.

In addition to its role as an educational resource, the AI Hub prioritizes user convenience and efficiency. By incorporating AI-generated review summaries, the Hub simplifies the process of app discovery and selection. Users can quickly assess the quality and relevance of applications based on concise summaries of user feedback, allowing for informed decisions without the need to sift through countless reviews manually.

ratings.png

 

The New Microsoft Teams

Microsoft has released a new update to its Microsoft Teams platform that came into effect October 5, 2023, but all Windows and Mac users will be automatically shifted to the new version in January 2024. All information is derived from Microsoft Support, which you can view in Microsoft's article: Switch to the new Microsoft Teams

 

The new Microsoft Teams is for both Mac and Windows, and comes with many new features that we will briefly cover in this blog post:

How to Switch:

To use the new Microsoft Teams app on your window's device, there should be a toggle at the top left corner of your menu bar.

This will prompt a pop up window. Select Get it now. The new teams will begin installing. The Microsoft Teams app will reboot to open the new Microsoft Teams.

Alternatively, if you do not see a toggle at the top left corner of your menu bar, you may select the following link to download the new teams directly from the Microsoft webpage.

Link to download: Download Microsoft Teams

Microsoft Teams Toggle

Microsoft Teams Update Toggle

What's New:

You can now view your status in the Microsoft Teams icon in your taskbar.

 Microsoft Teams was rebuilt for performance, operating quicker and much simpler than the previous teams. The new format allows for enhanced functionality while using less battery and memory of your device.

The new update downloads and installs faster, allowing for an increased ease of access for joining meetings and responding to messages. It also requires less memory and disk usage, increasing the efficiency of your device.

The New Microsoft Teams Look:

How to add Another Account

The new Microsoft Teams allows for multi-account support, meaning you will be able to add another account to your Microsoft Teams App.

To add a new account, select your profile picture at the top right of the application window. Then, select Add another account.

Adding another account to your Microsoft Teams desktop app will allow you to get notifications for both accounts, in real time.

You will be able to participate in different chats, calls, and meeting without having to manually switch between accounts.

You will also be able to set your status for each account individually.

Other Microsoft Teams-related Updates

View what else is new by following the link: Microsoft What's New in Teams.

Also, linked below is the starting video in Microsoft Teams Youtube Playlist covering Microsoft Teams:

How Microsoft Teams Used to Look:

October is Cybersecurity Awareness Month - CSA

It is CIS's responsibility to share some vital information about how to be safe while using the internet and managing yours and students' information.

Over the next few weeks, CIS will be releasing a weekly blog post that expands on four core topics for this year's CSA month: Phishing, Social Engineering (whaling), Passphrases for passwords, and Ransomware.

At the end of the month, there will be a quiz released to employees and students. Receiving 100% on the quiz will automatically enter the user into a raffle. The raffle will have two winners, one student and one employee, who will each receive a prize* from CIS!

Keep an eye out for the first blog post on October 9, and then every following Monday until the end of the month!

*Please note that prizes will be ordered once they are selected by the prize-winners. CIS will contact prize-winners when the prizes are ready to be picked up from the HelpDesk.


decorative photo of two people on a computer



You can champion Cybersecurity Awareness Month by practicing and sharing the information we share this month with your friends and family.  Each October, we try to raise awareness about digital security and empower everyone to protect their personal data from digital forms of crime.

Now in its 20th year, Cybersecurity Awareness Month continues to build momentum and impact.  It is co-led by the National Cybersecurity Alliance and the Cybersecurity and Infrastructure Agency (CISA).

This year’s theme is: Staying Safe Online

– because while cybersecurity may seem like a complex subject, ultimately, it’s really all about people.
Online Safety Basics - Learn how to protect yourself, your family and devices with these tips and resources.


Security Awareness Week 1: Phishing emails

What is Phishing?

Often carried out over email -- although the scam has now spread beyond suspicious emails to phone calls (so-called "vishing"), social media, SMS messaging services (aka "smishing"), and apps -- a basic Phishing attack attempts to trick the target into doing what the scammer wants. 

Exactly what the scammer wants can vary wildly between attacks. It might be handing over passwords to make it easier to hack a company or person, or sending payments to fraudsters instead of the correct account. This information is often stolen by making requests that look entirely legitimate -- like an email from your boss, so you don't think twice about doing what is asked.

How would you identify a Phishing email?

Emails that contain the following should be approached with extreme caution, as these are common traits of phishing email:

  • Urgent action demands.
  • Multiple sources in the from email address line.
  • Poor grammar and spelling errors.
  • An unfamiliar greeting or salutation.
  • Requests for login credentials, payment information, or sensitive data.
  • Offers that are too good to be true.

Phishing is also a popular method for cyber attackers to deliver malware by encouraging victims to download a weaponized document or visit a malicious link that will secretly install the malicious payload on the person's computer. These kind of attacks mostly are trying to distribute a  trojan malwareransomware . These cyber hackers are hoping you don't look to deep into the email, that you just gloss over the details and click on the link, or download the attachment. Below is a screenshot of a phishing email, and you can see just how tricky they can be.

 

Why is Phishing called Phishing?

The overall term for these scams -- Phishing -- is a modified version of the word 'fishing' except in this instance the one doing this fishing is a scammer and they're trying to catch you and reel you in with their sneaky email lure. In most cases, they will send out many of these lures.

FUN FACT! - Why is Phishing spelled with a "Ph"?

The “ph” spelling of phishing is influenced by an earlier word for an illicit act: phreaking, which involves fraudulently using an electronic device to avoid paying for telephone calls. The people who perpetrated phreaking were called “Phreaks,” and since phreaks and hackers were closely linked, the “ph” spelling was used to denote the phishing scams involving these underground groups. Pretty cool!


We hope by sharing these resources with you, that you will have the tools and information necessary to make informed decisions when using the Internet.


Security Awareness Week 2: Ransomware

The CISA defines Ransomware as a "form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption."

Ransomware can be planted into a network using many methods, like Phishing and Social Engineering. Once it is planted, hackers locate and secure access to important files and move those files to a secure network of their own.

Oftentimes, a hacker needs only access into a network, and can gain such access in a myriad of ways. For example:

  • By sending phishing emails requesting login information or containing malicious code(as we have seen in last week's post) 
  • Looking for weaknesses within your network's security
  • Users are redirected to a suspicious website that infects their computer by browsing or prompts for them to download files off the internet.

       Internet Malicious Actor running away with rucksack filled with user data 

Ransomware Double Attack

A double attack occurs when hackers gain access to a network, move that network's files onto a network they control, then encrypt the data and demand a ransom for a user to regain access and/or to prevent the public publication of those files. The risk: if the ransom is not met, the hackers will sell your data or publish it online.

Unfortunately, users are not typically aware of the attack until they are notified, often by a pop-up declaring the infection and demanding a ransom to receive the decryption key.

Regarding personal data files, law enforcement agencies advise against paying the ransom on such accounts. However, if you don’t have a good back up system, it may be cheaper to pay the ransom to regain access and return your important data.


Computer Safety Tips:

  • Regularly back up important and sensitive data to a separate drive.

  • Install and regularly update antivirus software on your device.

  • Exercise caution when following links in emails, text messages, and websites.

  • Be mindful of what files your are downloading from the internet and avoid suspicious sites.

SPU Employees SPU-Managed Devices:

  • Software and application patches, anti-virus updates, data backups, mandatory browser and security settings are all implemented by CIS and enforced on your school-issued devices.

  • However, it is still essential for all employees to use their best judgement when viewing emails and websites.

If you believe your system is compromised, we urge you to do the following:

  1. Turn off your device.

  2. Disconnect from the internet.

  3. Disconnect your device from any and all external attachments (e.g., usb drives).

  4. Call or email the CIS HelpDesk immediately (206-281-2982 or  help@spu.edu)

Cybersecurity Infographic depicting malicious actors

Security Awareness Week 3: Spear Phishing emails


Spear Phishing is when a cyber-criminal sends an individual an email, SMS message, or voice call, that is designed to manipulate the user into providing the criminal with their login credentials, personal details, or to transfer money.

These types of scams are highly effective because the attackers will typically impersonate the recipient’s boss, colleague, friend, family member, bank, or popular online store to make them feel at ease into giving over sensitive information. (Don't be fooled!)

In many cases, the scammers will imply or threaten that unless the individual acts immediately, there will be negative repercussions, such as the shutdown of an account, legal charges, or other financial penalties, thereby playing on your sympathy response.

While many think these scams are easy to spot, the reality is that anyone can fall victim to them, unless they’ve undergone regular training on how to spot the techniques that attackers use. Below are five examples of Spear Phishing to be aware of. 




Example 1. Fake websites

A cyber-criminal will design a carefully-worded phishing email which includes a link to a spoofed version of a popular website. The website imitates the layout of the original site to trick the victim into entering their account credentials.

  Spear phishing email includes link to a fake site



Google spear phishing email example


Example 2. CEO Fraud

An attacker will take control of an email address familiar to the employee, such as their company’s CEO, Human Resources Manager, or IT admin. The hacker will assume this individual’s identity and ask the user to complete an urgent action, such as transferring funds, updating their personal information, or installing a new app.

CEO Phishing email example


spear phishing email example acting as CEOHR Spear fishing example



Example 3. Malware

In these types of phishing attacks, an attacker will try to trick an employee into clicking on a malicious email attachment. Usually, this type of attack is carried out with a fake invoice or delivery notification.

If you think that the email may be legit, go to a link that you know is safe (one that you have save for the company) and log in from there. Or, you can always call the company and confirm or deny the validity of the email you received.

REMEMBER

If you don't recognize the sender, NEVER click on the attachments or links! 


Ransomware Disguised as Invoice Email








Fake Netflix malware email



Example 4. Smishing

An SMS-based phishing attack in which a hacker will send an SMS or voice message asking the recipient to click on a link to accept a gift, change your password or call a number. The link will take them to a phishing website that they will use to try and gather more information from you.

Also, the link you click on could have malware in it. What does that mean? It could install a program on your phone that will allow the hacker to gain access to all your personal information, e.g. contacts, passwords, email, photos. 


Smishing Amazon text



Examples of Smishing emailsSmishing text posing as law enforcement



Example 5. Vishing

An unknown caller will call the victim and or leave a voicemail urging them to phone them back and hand over personal information, usually by impersonating someone from a trusted company.

The most common type of this is a Tech Support Call.
This attack is widespread in large companies where employees might not know or have met members of the tech support department. Scammers will pretend they need to do a computer update or repair and ask for the victim’s password to do it.




Education is key to beating these attacks. Frequently remind users that you will never ask them to divulge their password over the phone and that they shouldn’t do so under any circumstance.


Vishing scam infographic



Security Awareness Week 4: Passphrases and Canary Files

Zero Trust System

CIS is striving to get as close as possible to Zero Trust security system to secure infrastructure and data across SPU's network. A Zero Trust System requires all users to be authenticated and continuously validated for security configuration before being granted access into SPU's system.

A Zero Trust system is a framework that aims to prevent data breaches from both inside and outside the network. Since only individuals who have been authenticated and authorized for SPU's network can access entry points, adhering to this system provides an added layer of protection for all sensitive data that SPU stewards and prevents unauthorized access to easily accessible entry points.

This framework does not imply that SPU and/or CIS do not trust their students and employees, but rather acknowledges that breaches can occur from anywhere. This system is designed to prevent such incidents. 

Multi-Factor Authentication (or MFA)

MFA is one facet of this system to help protect the SPU network and its users. All SPU users must link their SPU accounts with the Microsoft Authorization app on their phones. When students and employees sign into their accounts, SPU will automatically work to verify that the individual logging into the account has been authorized before granting access.

To make logging in easier and more efficient, keep your phone on hand so that you will be able to immediately verify your identity.


Creating a Strong Passphrase

It is also important for users to use a strong Passphrase or password for securing your account. A strong password will protect your account while also not containing any personally identifiable words; like your mother's maiden name or your childhood pet. It is also important to use a strong or complex password, as a more simple passphrase can be easily guessed.


Here are some key things to follow when creating a password:

  • Use a combination of numbers, capitalization and special characters.
  • Use a longer passphrase that you can easily remember.
  • Don't use a password you have used before, or a slight variation of a pre-existing password.


Do NOT write down OR your share your SPU password with anyone.

Password Managing

If you are worried about keeping track of your passwords, use a password manager that will keep track and record all of your passwords and where they are used. It is also likely that your phone or Google account will have password tracking enabled.

For more information on SPU's Password Policies, please select here.


Canary Files

Canary files are  false or fake files with anti-malware software embedded within them that notifies the user when there has been a breach in your device's security. The files are similar to normal files that would typically be stored on a device by a user.

The normal user will not normally access these files and instead they are acting as a form of bait for files that may be seen as valuable to cyber-criminals. Just like the practice of using canaries in coal mines to signal when it was safe for miners to work, Canary files exist as a prevention method against malware (including ransomware).


There have been rare cases of SPU employees discovering canary files on their device. If you come across canary files on your device, please contact the HelpDesk at (206) 281-2982 or at help@spu.edu for further assistance



Cybersecurity Awareness Month Quizzes

Thank you for joining us for this year's Cybersecurity Awareness month as we covered PhishingRansomwareSocial Engineering (Spear Phishing)Passphrases, and Canary Files

If you have questions or concerns about the topics covered, or would like to learn more, a student technician with the HelpDesk would be more than happy to assist! You can contact the HelpDesk by phone at 206.281.2982 or by email at help@spu.edu.


As a reminder, we are offering one quiz for Faculty and Staff and one quiz for Students to test their knowledge on the topics we covered this month. The quiz will remain open until November 15th, 2023.

A Few Rules to Follow: 

  • One quiz attempt per individual. 
  • A student may not take the employee quiz and employees may not take the student quiz.
  • Only scores of 100% will be automatically entered into the raffle. 
  • Prizes will only be given out to the winning individual(s) after they have made their *selection.
  • One prize per winner. 

*Raffle winners will be contacted by CIS and choose their prize from the available options. Options include bluetooth speakers and/or gift cards. 

Faculty and Staff Quiz Here

SPU Faculty and Staff CSA Quiz

Student Quiz Here

SPU Student CSA Quiz