iPods, mobile phones, smartphones, USB sticks, laptops, GPS units...the list of gadgetry we use and store in our automobiles is nearly endless. Bad guys know this.

Have you ever visited a web site, and received a scary-looking pop-up, "Your computer may be infected!!!", or "Your computer is at risk!!!!"? The site then "helps" you by directing you to software that will "Clean your PC", "Improve your PC's speed!", or "Eliminate online threats".

Before you get rid of that old mobile phone in favor of a shiny new one, it's important that you reset/reformat the device to remove your personal information. Depending on how you use your phone, it may contain a great deal of valuable, personal data! Smartphones are especially likely to contain financial information, web browsing history, passwords, and the like.

It's October 1st, which means it's Cybersecurity Awareness Month. Never heard of it? Here's the rundown: The National Cyber Security Division of the Department of Homeland Security works with the National Cyber Security Alliance, the Multi-State Information Sharing and Analysis Center, and other groups in support of the National Cyber Security Awareness month campaign. Given the national recognition focused on cybersecurity issues during the month of October, KU also works to get the word out to faculty, staff, and students regarding information privacy and security issues.

The following alert was sent by the KU Comptroller's Office:

Alert: KU students have reported receiving calls or messages from a caller claiming to be from the KU Comptroller’s Office. The caller asks students to update banking information to a 1-800 number.

These calls are not coming from the university. Please do not respond to them. The university will not contact you and ask for information in this manner.

With apologies to Bonnie Lass and her very cute childrens' book.

Have you ever wondered what it looks like when a computer gets compromised with almost no intervention from its user? The folks over at Malware Database (watch your step over there, they research some pretty gnarly malware) have posted a video of a computer with a QuickTime vulnerability getting compromised because of that vulnerability.

We have completely disabled comments on the Be SeKUre blog until we can get some comment spam filters in place. This isn't our preferred way of doing things, by any means. We'd prefer a place where people can ask questions, make comments, disagree, agree, etc, but at this point we don't get much of that. We do get a lot of nasty spammy comments, though.

If you have a comment, a question, an idea for a blog entry, or just want to send us a note, you can always do so by leaving a message here.

Do you use GMail? Be sure to change your account settings so Gmail will require that you login and use a secure connection every time.

1. Sign in to Gmail.
2. Click Settings at the top of any Gmail page.
3. Set 'Browser Connection' to 'Always use https.'
4. Click Save Changes.
5. Reload Gmail.

The staff at the IT Security Office continue to see reports of spam with malicious attachments or spam with links to malicious content. This is nothing new--e-mail has been a popular method for compromising computers for years now. The people who want to control your computer are getting more and more creative, however. They promise shocking videos of horrific accidents or photographs of popular actresses in compromising positions. Here are a few we've seen in the abuse@ku.edu account lately:

Variations on a theme: Britney Spears