Beware of IT support impersonators and help protect City computer security

Recently, several City staff members received malicious emails claiming to be from IT (Information Technology) support. The email asked these users to click a link to enter information to verify their email account. Fortunately, two City employees sensed that these requests were fraudulent attempts to obtain confidential City data and notified IT. Thanks to their vigilance, IT was able to send out a warning and block the sender.

City users have experienced similar phishing attempts before, but this was especially worrisome because the City is upgrading its email system and IT was sending emails to users about this process. Although it’s unlikely that the scammers knew about the upgrade process, the coincidence made the City more vulnerable to a security breach.

Computer security breaches are frequently in the news and many of these breaches occurred because someone in the organization was fooled. Because impersonating IT support is an effective way to manipulate people into divulging information or ignoring malicious activities intended to compromise computing systems, IT urges all employees to be wary of any attempt to obtain your user name or password, encourage you to download software or get you to visit websites that can infect browsers.

To avoid being taken in by someone impersonating IT support:

Never tell anyone your user name or password – for any City system – ever! City IT, Unisys staff members and support staff serving legitimate websites will never ask you for this information.

If you have any doubts, verify the identity of IT support people. While it can be embarrassing to challenge someone who seems to be trying to help you, legitimate IT staff will thank you for taking extra step to verify their identity.

Be wary of email requests. Examine the source. The fraudulent message City users received clearly came from an email address that had nothing to do with the City or the City’s contractor Unisys.

Notify IT of any suspicious email request targeting you or the City of Minneapolis. Immediately call the Service Desk at 1-800-262-3112. Or, forward the email to the IT Service Desk with a brief explanation about your concern.

Be wary of phone requests. If a person claiming to be from IT Support calls and requests inappropriate (system log in information, for example) or directs you to download software, end the call by telling them you’ll call them back on the Service Desk phone number. Do not return a call to a number the caller provides you, and do not trust Caller ID. Caller ID can be easy to spoof.

If you use systems that are supported by parties other than City of Minneapolis IT or Unisys, make sure you know how to recognize legitimate communications from their support personnel. If you’re unsure how to recognize whether the communication is from a legitimate source, contact your department’s IT liaison.

Be wary of people working on City computing equipment. If you see someone working on City computing equipment and you are not aware of request for service, you can ask the individual about the service ticket or call the IT Service Desk to verify that the work is authorized by the City. If you are concerned that the person is not on legitimate City business, go to a nearby safe phone and call your building security office. (In City Hall, this number is 612-348-5111.) If your building does not have security coverage or you are unsure of what number to call, dial 911 and state that you have a non-emergency situation (suspicious person).

 

Published May. 9, 2012