During the Holiday break – Monday, December 20, through Friday, December 31 – the IT Department will be performing system updates for various services outside of our normal maintenance windows. Many of these updates are simple and will just require a server reboot or two and outages will be brief and intermittent. However, there are a few key systems that will require extended outage time. For those services we will communicate the status below.

 
Service Update Status Planned Start Time
Main website Completed Monday 12/20/2021
Skype for Business Completed Evenings of 12/19/2021*
File Share Drives Completed Tuesday 12/21/2021
VPN services Completed Thursday 12/23/2021
Colleague (myCap, Colleague UI, etc.) Completed Wednesday 12/29/2021*
* Starting after 7pm
* May carryover to next day

 

 

Building Name

Location

Blackmore Library Basement, IT Help Desk
Capital Apartments Basement Lounge
Capital Center 2nd Floor Moe Lounge
College Avenue 1st Floor Lobby

3rd Floor Lobby

Cotterman Hall 1st Floor East Lounge

1st Floor West Lounge

2nd Floor Center Lounge

3rd Floor Center Lounge

Facilities 1st Floor Main Office
Law School 1st Floor Commons Lounge
Lohman Complex Hall Basement Lounge

1st Floor Lobby

1st Floor, Room 101

2nd Floor, Room 202

3rd Floor, Room 303

Public Safety 1st Floor Dispatch Office
Saylor Ackerman Hall Basement Lounge

2nd Floor Lounge

3rd Floor, Rm 318

Triple Lounge

Schaaf Hall 1st Floor Lobby

2nd Floor, Rm 270

2nd Floor, Rm 298

3rd Floor, Rm 370

3rd Floor, Rm 398

Student Union 1st Floor Lobby

1st Floor Denvy Bowman Lounge

1 Main Café’

Mezz Fitness Center

Trinity 3rd Floor Lounge, Rm 320
Troutman Hall 1st Floor Business Lounge

 

Alternatives to Cable TV Services

There are many online streaming service providers, however, here are some of the most common self pay services.

Self Pay Service Providers Cost Per Month*
Sling TV:

Sports, news, and entertainment with 30+ channels, 80k+ shows and movies on-demand.

Two channel line up options available: Orange and Blue for $35 each. No current student discount available. For more information, go to: SlingTV
Amazon Prime Student:

Access Amazon’s streaming catalog of TV shows, movies, free unlimited photo storage with Prime Photo, and two-day Prime shipping. Electronic textbook rentals, Amazon music unlimited and Kindle unlimited at a low additional cost.

Six-month free subscription with the option to cancel anytime. $6.49/month after six-month trial as long as you are a student. Go to AMAZON for more information.
Hulu Student Discount:

Full access to Hulu’s original streaming library of movies, kid’s shows, and TV shows. This subscription is ad-supported. Also includes Spotify premium service.

Hulu’s standalone plan is $1.99/month if you are a student. This subscription rate cannot be combined with the Disney Bundle (Hulu, Disney+ and ESPN). More info here: https://www.hulu.com/student
Disney Plus and Disney Bundle:

Unlike other streaming services, Disney Plus does not offer student discounts or free trials.  Students can subscribe to either Disney+ only or take advantage of the Disney bundle which includes Hulu, ESPN and Disney+.

The Disney+ standalone plan is $7.99/month and the Disney Plus bundle is available for $13.99/month. More info here:  https://www.disneyplus.com/welcome
Paramount Student Discount:

Watch everything from live-streamed sports to hit shows from MTV, Comedy Central, CBS news and more. This subscription applies only to their limited commercial plan, similar to Hulu.

Students can get 25% off Paramount’s regular monthly subscription plan of $4.99/month. Go to PARAMOUNT for more info.
YouTube Premium Student Discount:

Students can get ad-free unlimited videos and music with a YouTube Premium subscription.

The student plan is $6.99/month with a free 1-month trial. More info here:  https://www.youtube.com/premium/student
*Please Note: Changes in services and pricing can occur at any time at the service provider’s discretion and without notice.

There are many FREE online streaming service providers, however, here are some of the most common services.

FREE Service Providers
Sling TV Free:

Free live TV and on demand content

Visit: https://www.sling.com/deals/sling-free or https://www.sling.com/supported-devices/sling-free for info on supported devices.
AppleTV+:

Access to Apple’s original catalog of TV shows, movies, series, documentaries, and comedies

Free subscription with your new university issued iPad device.
Peacock TV:

Free TV, movies, TV series, news and on demand content

Visit www.peacocktv.com for more details. Registration may be required.
Roku Channel:

Free live TV, movies, TV series and on demand content

Visit: https://therokuchannel.roku.com for more details. Registration may be required.
Crackle:

Free movies, TV series and on demand content

Visit: https://www.crackle.com/ for more details. Registration may be required.
Pluto TV:

Free live TV, movies and on demand content

Visit: https://pluto.tv/en/live-tv/pluto-tv-crime-movies for details. Registration may be required.
Tubi:

Free TV, movies and on demand content

Visit: https://tubitv.com/home for more details. Registration may be required.
Plex:

Free live TV, movies and on demand content

Visit: https://www.plex.tv/ for more details. Registration may be required.
IMDbTV:

Free movies, TV series and on demand content

Visit: https://www.imdb.com/tv/ for more details. Registration may be required.

Questions, inquiries and concerns about cable services should be directed to the IT Helpdesk via email helpdesk@capital.edu.

Modification of Cable TV Services

In response to changing student and university needs, Capital University will be modifying its standard cable TV services on the Bexley campus. Cable services provided by Spectrum, will be discontinued in residence hall rooms, academic spaces and Trinity North apartments beginning Fall semester 2021.

New cable service and programming will be designated to community areas in residence halls and key academic spaces on campus to provide programming that fosters community building, student success and enhance the student experience. Programming will be revised as the technology and educational needs change.

Why is this Happening?

The decision to discontinue cable services was based on multiple factors:

• Increased investment in network infrastructure, wireless technology, and increased bandwidth service on all campuses.

• A survey of our residential students overwhelmingly indicated they do not watch traditional cable TV services from Spectrum. The majority watched TV programming using an online service provider such as Hulu or Netflix.

• Decreasing cable TV usage within the educational setting and increasing cable costs were not financially beneficial to meet the needs or demands.

Alternatives to Cable TV Services

If you are a student, you can take advantage of all the student discounts and subscriptions available by registering with your “.edu” email address.

Most streaming service providers will let you stream for free for the first few months, and you will be eligible for a student discount after your free trial ends. Many will also offer ad-free viewing, unlimited access to exclusive content, and partnerships with popular music libraries like Spotify. Additionally, there are some streaming services available for free.

Click HERE for a list of common online streaming services and content available.

What Streaming Devices Can I Use?

Streaming services will work on majority of mobile devices, such as iPads, Firesticks, Roku, laptops, tablets, smart TVs, gaming devices and cellular phones.

Ensure that you connect your device to the Capital network correctly to benefit from these services. Instructions for connecting your device to the network can be found HERE.

Where Can I View Cable TV Programming?

Cable TV services and programming can be viewed in residence halls common areas and designated academic buildings across the Bexley campus. Click HERE for a complete list of locations.

What is the New Channel Line Up?

Spectrum has provided Capital with cable programming that includes a variety of channel favorites such as the Big Ten Network, TLC, BET, The Food Network and CNN just to name a few.  A complete channel line up list can be view HERE.

Where Can I Get Help?

Questions, inquiries and concerns about cable services should be directed to the IT Help Desk, helpdesk@capital.edu.

What is Two Factor (2FA)?

Two-Factor Authentication (2FA) is used to strengthen ​the security of user accounts and University business systems that hold sensitive information. It adds another layer of online protection from damaging cyber criminal attacks that cost organizations millions.

As part of this initiative, effective July 12th, 2021, all Windows PC Users will be required to use 2FA when accessing University business systems and resources via VPN (virtual private network). Macintosh Users are currently using 2FA.

Why Two Factor?

We are all used to having one layer of security to protect our account which is our password, however, passwords aren’t enough to protect the University or you against cyber criminals who desire to gain access to resources using compromised credentials.

The goal of 2FA is to provide a higher degree of identity assurance of a user accessing University resources via VPN.  If cyber criminals obtain your username and password, they will still need access to your phone and/or a passcode to get into your account.

Having a second form of identification greatly decreases the chance of a criminal gaining access to devices, sensitive information, fraud and will build secure online relationships due to compromised credentials.

How Does 2FA Work?

You will need to download and install the Microsoft Authenticator App on your phone and configure it to work with your work PC. Detailed step by step instructions can be found below.

Once configured, you will need to use 2FA any time you log into the University’s VPN. You will need to enter your Capital username and password as well as authenticate through your phone. You will be required to use two different sources (factors) to verify your identity:

  • Something you know:  your Capital credentials (username and/or password), and
  • Something you have:  a phone and/or passcode

What If I Don’t Own a Cell Phone?

Please contact the IT Helpdesk, helpdesk@capital.edu or 614-236-6508 to have a ticket created and assigned to our network team. We will work with you directly for a resolution.

Can I Use VPN on my iPad or Other Mobile Device?

At this time, we are only recommending 2FA for your work PC. We will notify you once we are ready to roll out and support 2FA for mobile devices and the iPad.

Need Help? Have A Question or Concern?

If you have questions, concerns or need technical assistance, please contact the IT Helpdesk, helpdesk@capital.edu or 614-236-6508.

===========================================

If you would like to download a PDF copy of these instructions so that you can click on the embedded links in the documentation, please click here.

Microsoft Authenticator Setup

This week, IT was made aware that Microsoft recently activated a global security enhancement feature with all O365 email accounts in which they blocked your ability to forward email messages from your internal O365 account (capital.edu) to any of your external accounts such as Gmail or Yahoo. Internal forwarding, from one capital.edu account to another capital.edu was not affected.

Although Microsoft made this global change, they have allowed an option for IT to enable the external forwarding capabilities again, so we have re-enable this feature as of this morning, which should allow you to continue to forward messages from your internal account to any external accounts.

Please note: Since this change was made this morning, you may not have all your email in your personal account, you will have to log in to your Capital mailbox and see what messages you have received over the last few days that did not forward.

 

During the Holiday break the IT Department will be performing system updates for various services outside of our normal maintenance windows. Many of these updates are simple and will just require a server reboot or two and outage will be brief and intermittent. However, there are a few key systems that will require extended outage time. For those services we will communicate the status below.

 
Service Update Status Planned Time Frame
Main website Completed Morning of 12/23/20
Skype for Business Completed Morning of 12/23/20
File Share Drives Completed Morning of 12/24/20
Colleague (myCap, Colleague UI, etc) Completed Evening* of 12/29/20
* Starting at 5pm

 

One other change to happen during the week of the 21st is that the login page for Office 365 will change to the same login page with the “Gate” that you see with MyCap.

Update: This has been completed.

DATE:                 Thursday, November 11, 2021

TO:                      All Capital University Faculty, Staff and Students

FROM:               The Department of Information Technology

SUBJ:                  Spam/Phishing Attacks on Campus

Recently there has been a sharp increase in email phishing scams due to compromised Capital user accounts.  A compromised account is one that is accessed by a cybercriminal who is not authorized to use that account.  When student or employee accounts become compromised, those accounts are used to send spam and phishing emails to people on and off campus.

The latest phishing scam on campus involves the circulation of an email message for a “dog sitting” job opportunity.  This overpayment scam plays out roughly the same way as with the “nanny or caregiver scams,” but with some slight variation.

  • The scammer will reach out to you online or via text once you give them your personal contact information stating they want to hire you. Typically this is without them interviewing or seeing you in person
  • An upfront financial advance offer is made by the scammer for your services, typically in the form of a money order from some type of “business” the scammer claims to work for, or a government “embassy”.  They may also ask you to accept deliveries or make purchases on their behalf with promises of reimbursement
  • The amount of the money order will always be written for more than the amount needed, and the recipient will be asked to keep a portion of the funds and either send the extra funds to a third party, or if they have changed their mind, return all the money as soon as possible
  • If you were asked to accept deliveries or purchase items in preparation for the dog sitting position, you may be asked to forward an upfront payment to a third party (via check, wire transfer, gift cards, etc.) to cover the cost of the materials

Although the money orders from the scammer are all fake and fraudulent, many banks will still cash them and place the funds into the pet sitter’s account within a few days.  However, usually within a month, the money order is returned as fraudulent, and the bank will withdraw the money from the pet sitter’s account.  The bank may also charge extra fees, and may pursue the pet sitter with criminal charges for cashing a fake check.

Please be aware and cautious when reviewing and/or responding to email messages with job opportunities that require you to send money up front as a condition of employment or offer to pay you in advance.  Trust your instincts and remember if it sounds too good to be true, it probably is a scam.  Never offer your birth date, SSN, username, bank, or other private information to anyone online.  Especially if they are asking you to “confirm” something for security reasons which is a red flag of a spam.  Educate yourself and read through previous email scams to get a feel for how the spam messages work.

Key Points and Red Flags in Identifying Scams

  • Paying close attention to the “From” and “Reply-to” in the email address to see if it’s a valid address you recognize
  • Check the body of the message to see if the English wording is awkward  or if there are lots of misspellings in the sentence structure
  • Be cautious if someone wants to only communicate with you via email or text messaging. Scammers do not want to talk to you over the phone or video chat
  • Most job postings like this will state that they are “moving to your area”, however, they will not be able to tell you where your area is if you question them
  • If someone is very keen on sending you money before meeting you, this is likely a scam!  Never accept a pet-sitting assignment or payment until you’ve met a potential client in person at the initial consultation.  No legitimate employer will ask you for your banking information or give you money without meeting with you
  • If a potential client urges you to transfer money using a service like Western Union or MoneyGram, it’s probably a scam. Don’t send money to someone you don’t know, either in cash or through a money transfer service. Likewise, don’t deposit a check from someone you don’t know and then transfer the money

IT works diligently to help prevent and counteract spam and phishing scams through various security appliances such as Barracuda which scans every incoming email message for spam and phishing exploits. Barracuda will catch majority of exploits, however, nothing is fool-proof and it takes the cooperation from all of our campus users to help keep the infrastructure and user accounts safe at all times.

What Do I Do If I’ve Been Scammed

  • If you or someone you know was tricked into transferring money for any reason, the Federal Trade Commission (FTC) wants to know about it: https://www.ftccomplaintassistant.gov/#crnt&panel1-1 so please report it
  • Next you should report the incident to the money transfer company.  The two common companies are MoneyGram: 1-800-666-3947 (1-800-955-7777 for Spanish) or com and Western Union: 1-800-448-1492
  • Make a report and work with your bank
  • Notify and report it to the caregiver web site you were contacted through so they can stop the scammer from targeting anyone else on the site. The scammer is likely trying to prey on others who are looking for work
  • Finally, file a complaint with the Internet Crime Compliance Center (IC3) which is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center.

Visit the IT Status Page for detail information on other forms of email phishing scams:  https://inside.capital.edu/ITStatus/index.php/category/spam-phishing/.  Questions, inquiries and concerns can be directed to the IT Help Desk, helpdesk@capital.edu or 614-236-6508.  If you suspect that you have received a phishing scam, please report it abuse@capital.edu.

 

The following was a phishing email – please find some key warning signs below to look for in order to help you determine if the email is dangerous.

Phishing – is an unsolicited email message trying to get you to give up something. Typically they are trying to get your username and password. Sometimes they try and get you to click on a link or run an attachment that will infect your computer with a virus. To learn more about phishing attacks and tactics, visit phishing.org for more information.

The email above shows 5 things that tell us this is a fake email and should be deleted. It is important to note that not all bad emails will have all 5 things wrong in them, some may only have 1 or 2 of these things and/or may have a few more not listed in this article. These are the most grievous and common red flags that you can spot and use to determine if a message you received is safe or not.

Before we get into the 5 individual red flags you can also see that the overall message itself is a red flag… it is very short and does not say much of anything but is about an important topic that may be of a concern to you. However, the only option for you to learn more is by clicking on a link. A proper announcement should have more content in the email helping you to understand why the email is of importance to you.

1. The email’s friendly name displays Capital University but the email address is not of @capital.edu.
This is a big clue; if this email is “Regarding your Payroll” then why would someone at ccri.edu be emailing people at capital.edu? This by itself should tell you to just delete the email but you can also contact the appropriate person, in this case someone in Payroll, by phone or by forwarding this email to them (DO NOT reply to unknown/untrusted senders) and as ask if this is legitimate.

Sometimes, instead of Capital University,  you may see the name of someone that you know from Capital but still with a non-capital email address such as gmail.com or yahoo.com… that is still not from the person named. The spammer likely looked at our website and picked a name that would bolster your trust of their spam; but it is still not legitimate.

Important: You may get an email that is from a person from Capital and it has their capital.edu email address… That alone should not cause you to trust a message like this. These other red flags should still be checked as the named person’s account may have been compromised and the spammer is logged in to this person’s account and sending the emails from it.

2. The Barracuda Spam Appliance was suspicious of this email and has tagged the subject line with [POSSIBLE SPAM].
Emails are scored and the higher the score the more likely it is spam, there are four ranges of scores; not spam, possible spam, quarantine, and spam. This email did not score high enough to be outright blocked or quarantined but it was suspicious so it was tagged. That tag should alert you to treat the email with extra caution and examine it to see if you can trust it. Things you should ask yourself – Were you expecting this? Do you know the sender? Can you verify this email with the sender without replying to it?

3. The greeting does not contain your name.
The use of a form letter or generalized greetings can aid in determining the trustworthiness of an email. With the ease of mail merge, many of the key offices here at Capital work to personalize their emails to you. For example: the IT password expiration notices are automated but they use your first and last name as we have that in our system, the spammers do not know what your first and last names are so they cannot do that. Should an email use you email address in the greeting then that is a dead giveaway that it could be dangerous.

4. The enclosed link does not point to where it says it does.
Hover your mouse cursor over the link (do not click!) and a pop-up should appear showing the true destination of the link. You can see the link text said it was a www.capital.edu site but the pop-up is tiruleta.es (the ‘es’ is the country code for Spain). If you click on this link then you are taken to a server at tiruleta.es in Spain, not a server with Capital.

ALSO note: the end of the weblink listed that it was a pdf file… but the end of the pop-up shows that you are going to a PHP page.

5. The signature text does not tell you who from Capital sent the message.
Based on this message alone, you do not know who sent it nor do you know who to call to verify its validity or to ask questions. That is because the real sender, the spammer, does not want you to verify it. They only want you to click on the link, fill out a form, and give away your password and possibly many other personal pieces of information. If this was really from payroll you would have had a Capital person’s name and phone number on it so that you could contact them.

There are many other methods that can be used to identify suspicious emails not seen in this email and thus not listed in this article. For a good search with Google look at this link:
https://goo.gl/P50y4X (this is a google shortened URL much like tiny url).