In response to the growing impact COVID-19 is having on our workplace and the reality that many of us may be working from alternate locations, the IET team has put together the following suggestions to help minimize disruptions while working remotely.

If you have a laptop, please make sure you are undocking the device and bringing it to and from your office every day. Should we suddenly have to work off-campus, you may not be able to retrieve your laptop if it was left in your office.

• Click here to take a free 10-minute course – Securing Your Work at Home
• Manage Inappropriate behavior in Zoom
• FBI PSA on COVID-19 Telework Vulnerabilities

Take These Steps Now

1. Test Your VDI using one of the three options below:
   On-campus
   Off-campus with 2Factor or
   Off-Campus without 2Factor.
   Note: If you haven’t already been set up for 2Factor, you need to use the last link above if you are off-campus.
2. Log into ZOOM with your myVWCC credentials.
3. Log into Outlook Online with your VWCC credentials.
4. Setup Call Forwarding for your phone on the web. You must be on campus or on a VDI for this link to work. The format for the number you are forwarding to is 915409990101 (91 + 10-digit phone number).
5. Bring your laptop to work to make sure it is patched and updated, and be sure to take it home every day.
6. Contact the Help Desk if you don’t have VDI access.
7. Keep your germs at home, share your contact info with your team!

How to Work From Home

Useful links and documentation

• Outlook web email, OneDrive, Teams
  • Office365 Tutorials (Microsoft)
  • Teams Tutorials (Microsoft)
• Download MS Office Software
• SIS, HR, Canvas, and Enterprise apps
• Zoom – Use your mic and camera
  • Zoom Tutorials
• Forward your telephone from on-campus or your VDI
• Google Hangouts/Meet – Video/Chat (use your myVWCC credentials)
  • Google Hangouts/Meet Tutorials
• IET Services Page

Don’t Have a Laptop?

Don’t have a laptop? You can use your personal computer, tablet/iPad (or even your phone) for e-mail, Teams, Zoom, OneDrive, Gmail, Google Drive, Word, Excel, PowerPoint, Chrome River, Canvas and more! Use Microsoft Teams or Google Hangouts for chat/IM.  You can use your VDI to access your shared drives.

Other Tips

• Exchange cell phone contacts with your peers.
• Download the clients for Zoom and Teams
• Check your home internet! Make sure it’s working!
• How to reset your MyVWCC password

Evil takes many forms.  During emergencies and times of great stress many evil doers will target you in an effort to profit or otherwise take advantage of the situation. 

The World Health Organization (WHO) has issued a warning that scammers are trying to trick people into sharing their account credentials through social engineering tactics or by sending email messages with malicious content or attachments.  You may be offered information by email concerning the COVID-19 disease or asked to contribute to a charitable concern to assist persons in need.  These scams come in the form of emails, websites, phone calls, text messages, and even fax messages.  Examples of suspicious behavior include asking for login information, sending unasked-for email attachments, directing you to malicious websites, or asking for direct donations to emergency response plans or funding appeals.

To avoid becoming a victim of these scams:

• Prior to opening an email, verify the sender by checking the email address
• If the message looks suspicious, don’t open attachments and delete the message
• Hover over and check the link before you click.  Do not click from mobile phones if you cannot check the link
• Be cautious about providing personal information
• Do not rush or feel under pressure to take action
• Identify and only use nationally recognized sites to obtain COVID-19 information
• Navigate to authoritative websites by keying in the URL directly into your web browser

Recommended sites and URLs to use for information concerning the source and spread of the disease:

• World Health Organization (WHO): Coronavirus disease (COVID-19)
  https://www.who.int/emergencies/diseases/novel-coronavirus-2019
• Centers for Disease Control: Coronavirus Disease 2019 (COVID-19)  
  https://www.cdc.gov/coronavirus/2019-ncov/index.html
• CDC: Interim Guidance for Administrators of US Institutions of Higher Education
  https://www.cdc.gov/coronavirus/2019-ncov/community/guidance-ihe-response.html
• The Virginia Department of Health    
  http://www.vdh.virginia.gov/surveillance-and-investigation/novel-coronavirus/

IET is adding measures to secure your email accounts by activating Two Step Verification for Office365 Outlook. This will protect against phishing attacks and other exploits by providing an extra layer of protection. The first step is what you use now, your user ID and password. With Two Step Verification, a second step, which could be a PIN code generated by an app, a code sent to a device of your choice or, if you use the Microsoft Authenticator app, just pressing an OK button, will also be required before you can access your account. If you use apps like Apple or Android Mail on your mobile device to read your email, you might also need to create a one-time app password, which is a code that gives an app or device permission to access your Office 365 account. For more on how to set it up for your email check out the links below.

• Set up 2-step verification for Office 365 – Office 365
• Sign in to Office 365 with 2-step verification – Office 365
• Use Microsoft Authenticator with Office 365

Please call or email the Help Desk if you have any questions.

If you received a message on Friday, July 12th that looks like the one below, it was a phishing attempt.  This was obviously a fake message just by looking at the email address it originated from and the language that was used.  We received 123 of these messages and blocked the address after that.

Please remain skeptical when receiving emails from high level officials or colleagues that don’t quite make sense or match a typical conversation you might have with them.  We will definitely see more scams like this in the future, so be on the lookout.

FAKE EMAIL FROM FRIDAY:

From: Robert H. Sandel <president79779@gmail.com>
Sent: Friday, July 12, 2019 3:10 PM
To: HelpDesk <helpdesk@virginiawestern.edu>
Subject:

Good day,

I’m stuck in a seminar right now and I need your assistance which I will appreciate your help a lot. Kindly drop your cell phone number to send you a text message.
Thanks

Dr. Robert H. Sandel
President
Virginia Western Community College

END FAKE EMAIL

There has been a significant increase in cyber-attacks in and around the Commonwealth of Virginia and some VCCS institutions have recently suffered security breaches.  These most recent attacks target tax information, W2s, banking information, and direct deposit payroll information.

The IRS has issued the following warning which contains some good information about steps you can take to prevent becoming a victim of these types of attacks.

https://www.irs.gov/newsroom/irs-security-summit-partners-warn-tax-professionals-of-fake-payroll-direct-deposit-and-wire-transfer-emails

Due to large student and email user populations, higher education institutions are often targets for of online attacks.  Although we have many protection mechanisms in place to keep our email and other systems secure, please do keep yourself safe by following our secure password instructions.  If you feel, for any reason, that your account has been compromised, immediately reset your password and contact the Help Desk.

VWCC Faculty/staff can reset their password using our Self-Service Portal. In order to use the Self-Service portal to reset your password or unlock your account, you must first enroll in the system. This must be done before your password expires and instructions can be found here.

Students can reset their password by using the “Forgot Password” link on the MyVWCC login page or by calling the Help Desk at (540) 857-7354.

As always, carefully scrutinize any email, link, or attachment before opening or responding to it and remember that the IET Help Desk or any valid organization like the IRS or any of your financial institutions will never ask you to click on a link to verify your user ID, password or account information.  Contact the IET Help Desk or your supervisor if you are concerned about any suspicious emails or if you have clicked on a questionable link.

More information about known scams and cyber-attacks can be found at the following links.

• https://www.ic3.gov/media/2018/180611.aspx
• https://www.ic3.gov/media/2018/180712.aspx
• https://www.ic3.gov/media/2018/181024.aspx

Be safe on the internet!!