Phishing Scheme directed towards our community 9/23/2016

Information Technology Servcies was notified of a phishing email that was directed at 1,700 email addresses.  If you received an email message with the subject UPDATE !!!!, do not click on the links embedded in the message.  Just mark the message as spam or delete the message.

Know that Information Technology Services will never ask you to provide verify your account or have you send us your login credentials through an email (no service should for that matter).  Our email service is supported by Google.  We have unlimited storage for email and your account stays with you for life.

Always delete any messages you receive asking you to provide login information, or with links to upgrade your account that seem to come from IWU.

You will want to change your password and scan your computer for viruses and malware if you clicked on the link in the message.

If you have any questions or issues please contact the Help Desk.

Redesigned ITS Website

Information Technology Services is launching a new website on August 22.  The new site was designed using analytics to determined what people were looking for when they visited the previous ITS website.  We hope you like the new clean and easy to navigate ITS website!

Thank you to Curtis Kelch and Geoff Castro for their work this summer as they met with others on card sorting sessions, design, and testing.  Thank you to the ITS staff for their input and testing as the site development progressed.


The campus portal MyIWU is changing on June 13. For the most part, the change is cosmetic. The way you log in, access important services like Banner Self-Service and email, and interact with channels like Campus Calendar and Announcements will stay the same. Most users should not experience any disruption when using the new portal. If you currently use Course Studio (My Courses), any Groups or the Luminis SunOne calendar, these services will no longer be available. Please contact Rick Lindquist ( for help with setting up new solutions for your courses or groups and get assistance with exporting your calendar to Google.

The new MyIWU will be more streamlined, and we are confident that these improvements will help you work more efficiently. If you have any questions about the new MyIWU, please contact the Help Desk in person in the Thorpe Center, by phone at x3900, or submit an online help request at

What Will Stay the Same
-URL (
-Log in with NetID and campus password
-Banner Self-Service Access
-Links to Campus Service Info
-Portal to email, Moodle, and Banner Self-Service

What Will Change
-New layout similar to other campus web pages
-Course Studio and Group Studio will no longer be available
-Luminis SunOne calendar will no longer be available
-Single Sign-on—eliminates double log-on when clicking on email or calendar

It is Time to Update Your Password

The new authentication system implemented in July of 2015, that supports logging in to IWU services such a email, Moodle, MyIWU, and the wireless network, requires a password change every 180 days for security purposes.  Those 180 days are up for much of the campus community this month.  Now is a good time to change your password prior to being prompted or wondering why you cannot login to IWU services when your password expires.

Here is what to do –

  • Go to
  • Enter your NetID  –  The part of your email address before
  • Enter your current password you use to check email, log on to MyIWU, etc.
  • Enter a new password to use for the next 180 days

You will need to enter your new password on your portable devices that are used to check email and/or access the wireless network.  Apple products will prompt you to enter the new password once your new password is created.  Those using Android products will need to go to settings on the device to update the passwords.

Please contact the ITS Helpdesk for assistance, or by phone at 309-556-3900.

Phishing and a reason to have a strong password

Many received an email today addressed from Illinois Wesleyan University with the subject line Illinois Wesleyan University Administrative Systems Alert.  I always enjoy when we can turn a phishing scheme into a learning experience.

The phishing process starts when an account is compromised.  In this case it was one of our student’s accounts.  The account was most likely compromised due to a weak password.  This is the main reason ITS stresses using strong account passwords.  A password that is 12+ characters long, and contains a combination of both upper and lower case letters, numbers, and special characters, is the best way to protect an account.

Once the account password was obtained by the phisher, the new owner of the account changed the sender’s name to show as Illinois Wesleyan University, crafted a poorly worded message (who uses the word implore?) with missing punctuation and misspelled words, and included a link that looks like it goes to an IWU server but under closer inspection does not.  This person then sent the message to many of us at IWU in an attempt to obtain passwords or to infect computers with a virus or malware.

So always delete any messages you receive asking you to provide login information, or with links to upgrade your account that seem to come from IWU.  We will never ask you to provide your login credentials through an email!  No service of any kind should ask for that matter.

You will want to change your password and scan your computer for viruses and malware if you clicked on the link in the message.

Please contact the ITS Help Desk at #3900 for assistance or with any questions.

ITS Service Interruptions

CIRBN, the University’s Internet provider, will be performing critical upgrades on network equipment in Bloomington, IL, on November 23, between 12:01am-2:00am. During this time, CIRBN reports that we may experience a brief service outage. Thank you for your patience.

On Wednesday, November 25, ITS staff members are performing maintenance on the blade server that supports the majority of computing services we use on campus. Email will be available, but most other services will be unavailable or very unreliable throughout the day. We suggest baking a pie or cookies instead of trying to get any work done.

Log-in Page Changing October 1st

The web page used by the campus community to access IWU online services will have a new look on October 1, 2015.  A simplified page will be presented when logging in to Gmail, Google Calendar, Google Drive, OmniUpdate, and Moodle.

So instead of the current login page –

orig auth


You will enter your NetID (the part before and password here –


The new Campus Authentication Page – Always be sure the web address for the login page begins with

The new look is being implemented for several reasons –

  1. Some mobile devices do not handle the current authentication page well which keeps these devices from accessing Gmail, Moodle, etc.
  2. The web page is the most accessed page on campus.  The simplified page reduces load times and server load.
  3. The web page is not a destination page, but a page that sends you to a destination.  There is no need for a complicated page


Phishing Schemes – IWU Information Technology Services will never ask you for your username and password!

The scammers are at it again.  We see phishing scheme activity increase with the start of each academic year.  Two phishing scheme email messages were received by many at IWU last evening.  The two messages provide us with a great learning opportunity on how to detect a phishing scheme.

Know that IWU Information Technology Services will NEVER ASK YOU TO PROVIDE YOUR USER NAME AND PASSWORD  via an email message.

The first message is poorly worded, and includes an inaccurate department name.  Your first clues that a message is a phishing scheme.  The message contains a link that directs you to a very legitimate looking copy of the IWU authentication page where we all go to login to IWU services.  If you were to enter your user name and password on this fake web page, the server hosting the fake site captures your user name and password.  Notice when you hover your cursor over the link (or any link for that matter), the link address is displayed in the lower left hand corner of your browser –  The server is not an IWU hosted server.  Yet another clue that this is a phishing scheme.  Always be aware of where a link is directing you.  Especially in a suspicious email.

This is the first phishing scheme received by many on campus –

From: IWU ALERT <>  – Not an IWU email account-Phishing Scheme Clue
Subject Illinois Wesleyan University Account® Alert   – Trademark symbol?

Dear User,
Recently, we are performing an emergency mail maintenance on our email network. 
Your account is one of the most essential account to be upgraded                      – Poorly written sentences
We therefore, implore you to follow our secure site to upgrade your account
Thank you,
Illinois Wesleyan University Technical Service – Technical Service?

The second message came from a compromised IWU account that was hacked due to a weak password.  Coming from an IWU account makes the message a bit more believable, but this person is not a member of the ITS Staff.  Strong passwords are important to protect your online identity

Date: September 16, 2015 at 3:18:23 AM CDT
To: Helpdesk Services <>
Subject:***IMPORTANT NOTICE*** ILLINOIS WESLEYAN UNIVERSITY MAILING INFORMATION – Notice the reply to address is a Russian domain

Kindly check the attached notice and reply with the needed information.

Help Desk Coordinator
Computing & Network Services

The message included a PDF attachment to fill out and send back to the Russian email address.  IWU ITS would never ask for your credentials

Your incoming emails were placed on pending due to the recent email
Verification in our database. In order to receive the messages, you are to      Poorly worded-be suspicious 
reply this email with the information as stated below for verification.

Password………………. ……………………………..\
Phone Number…………………………………………

Help Desk Coordinator
Computing & Network Services                – Not an ITS Department

  • IWU ITS will never ask you for your user name (NetID) and password
  • Know where links are taking your before you click
  • Verify the sender/reply to address – know where email messages are coming from
  • Phishing scheme messages are written poorly with inaccurate details
  • Our email system is supported by Google – a very competent email provider
  • Again – We will never ask you for your NetID/password combination
  • Just delete any message that you feel could be a phishing scheme
  • Call the ITS Help Desk if you are not sure

Password Assistance

We are working with the campus community to resolve any login issues associated with our recent system changes.

Here are some suggestions to successfully create to a new password –

  • You must know your current password – Please contact the ITS Help Desk at or at 309.556.3900, if you do not know your current password
  • Follow the new password criteria –
    • The password must be at least 9 characters long – A longer password is more secure
    • The password must contain one uppercase and one lower case letter
    • The password must contain at least one number
    • A symbol helps improve password security &, *, !, @, #, $, %, ^
    • Many dictionary words and commonly used password terms are rejected
    • Parts of your name or are rejected
    • Change your password here –
  • If you are not successful on the first try creating a password, keep trying until you receive the successfully changed message


Accessing the University Home Page on Campus

The move to a new authentication system went very well considering the complexity of the project.  We are still working with the campus community to resolve any login issues they may be having.

One unforeseen issue being reported is that the way we access the University home page on campus changed a little.

Before the changes on July 15th, you could enter in a web browser to accesss the University Home Page.  Since the change must be used on campus to access the home page.

We are sorry for any confusion this may be causing.