CCIT News and Notices

CCIT This Week: Free Shred Day event; updates to the CheckIT process; beware of SEO poisoning

Posted on by Tara Stone

Week of November 10, 2025

Welcome to CCIT This Week, where we give you a rundown of news, events, tips and more. Follow us on social media for information and timely updates.

News

Free personal document shredding! On Monday, November 17, 2025 from 10 a.m. to 2 p.m., Clemson students, faculty, staff and community members can bring their personal documents to be shredded for free! The shred truck will be parked at the northeast corner of Littlejohn Coliseum.

Learn more about the free shred day event >>


Clemson’s CheckIT technology governance process has new updates to streamline approvals. Submit requests before making any purchase to avoid delays, and have the actual user submit rather than a proxy for faster processing. Recent updates include an expanded exceptions list, particularly for faculty using free research applications on the Palmetto Cluster.

Learn more about updates to the CheckIT process >>


Beware of SEO poisoning, where cybercriminals manipulate search results to push fake websites to the top. These malicious sites can steal your credentials or install malware. Protect yourself by carefully checking URLs for misspellings, being cautious of sponsored results, and typing trusted website addresses directly into your browser instead of searching for them.

Learn more about SEO poisoning >>

Events

Register for the first workshop on running LLMs on Palmetto from CCIT Research Computing and Data group! Join the RCD group on Wednesday, November 19 at 1 p.m. for a multi-part series on essential concepts related to large language models (LLMs) and works through the common steps in an LLM inference workflow. The first workshop focuses on efficiently running LLMs, rather than on constructing, training or fine-tuning them. Throughout the sessions, participants will learn how to use the Hugging Face Transformers library to run LLMs on the Palmetto Cluster. The workshop will also cover how to use the Palmetto Cluster to run LLMs on large datasets and how to use the Palmetto Cluster to run LLMs on multiple GPUs and multiple nodes.

View the RCD workshop schedule >>


Learn how to design effective assessments in an AI world with Clemson Online! Join Clemson Online on Wednesday, November 12 at 1:30 p.m. to learn more about designing effective assignments with Generative AI in mind, from integrating AI into your students’ learning to trying to encourage students to leave AI out of class assessments

Learn more and register at the Clemson Online website >>

November Tech Tip

Follow these online holiday shopping tips to stay safe while shopping for the holidays! Before you shop online, make sure you’re staying safe: shop only from trusted sites, use strong passwords and 2FA, and avoid public wifi. Check out our full list of holiday shopping safety tips at the link below.

Learn how to stay safe while shopping online >>
Posted in News

SEO Poisoning

Posted on by Patrick McGee

Have you ever searched for something on the internet using your favorite browser search engine and gotten results that are completely wrong? For example, you search for your specific car insurance company’s official website. However, the top results you see may list the name of your car company, but the website URL is not your company’s official website.

These types of results can be caused by Search Engine Optimization (SEO) Poisoning. In this type of attack, cybercriminals employ various methods to manipulate search engine results, attempting to redirect traffic to their malicious websites. On these fake websites, users may be prompted to enter their personal account credentials, which the attackers will steal, or the fake sites may include malware that is unknowingly downloaded to the user’s computer.

To avoid SEO Poisoning:

  • Always visually verify links before clicking. Examine the URL carefully. Look for name misspellings or letter substitutions in the domain name. Double-check that the domain extension (.com, .edu, .gov, etc.) is correct.

  • Be skeptical of the top results. Many of the first results are often “sponsored” results, meaning that they are paid to be listed first, regardless of your actual search results.

  • Go directly to official websites. If you know the URL of the actual website you want, such as Amazon, then type “amazon.com” directly into the browser address bar, rather than searching for “Amazon”.
Woman holding phone with text displayed over image saying "Search Engine Poisoning" and a poison symbol.

Posted in Cybersecurity Alerts

Online Holiday Shopping Tips from CCIT

Posted on by ccitnews

An older woman shops on a laptop while holding her phone, with holiday decorations in the background.To help promote awareness during the holiday shopping season, the Office of Information Security would like to share some safe online shopping tips.  Best wishes to all during the upcoming holidays!

For more tips about staying safe online (and beyond), visit the CCIT Cybersecurity page.

Shop at secure websites that you trust

Play it safe by doing online business with trusted retailers you have shopped with before.  If you are tempted to buy from a new website, research the company name before providing your payment information.  When making credit/debit card payments look for website addresses that start with HTTPS and have a lock icon, which indicate a secure website.

Avoid public Wi-Fi

You might be tempted to shop online at a coffee shop or other location with free Wi-Fi.  Browsing the websites may be acceptable, but do not make credit/debit card payments from a public Wi-Fi unless you have started a VPN (Virtual Private Network) session from your device.  VPN creates a secure tunnel, making your data safer from interception by nearby hackers. Clemson has a free VPN you can use with your Clemson username, password and Duo authentication. You can find more information in our Services section, and if you’re using a computer, you can find step-by-step instructions in our Knowledge Base.

Create strong, unique passwords

Use a unique pass phrase for each website, and keep it private.  Do not use your University password when creating accounts with online merchants.

Beware of fake delivery notifications

With packages often delayed, be wary of fake shipping alerts. Don’t click on links from delivery notification emails or texts you aren’t expecting, especially if they require “verification” from you. Visit the delivery company or vendor’s website to track your package safely.

Watch out for email scams

Holiday deals presented via email are tempting, but if the advertisement seems too good to be true, it probably is. Instead of clicking on an email link, view information directly from the merchant’s website. And don’t forget, if you get something that looks like an email scam in your Microsoft Outlook, report it to CCIT with our button.

Don’t give out too much information

Merchant websites should never prompt for your social security number.  Other than your shipping address and phone number, be very wary when asked for personal information.  Call the customer service line when in doubt.

Check your statements and take action immediately

Regularly check your bank and credit card statements for unauthorized transactions, and set up account activity alerts wherever possible.  If you suspect a fraudulent transaction has occurred, immediately contact your bank or credit card company to report the unauthorized activity.

Posted in News

CheckIT updates to further streamline the technology governance process

Posted on by ccitnews

Clemson University’s technology governance process, CheckIT, continues to evolve to better serve faculty, staff and researchers as they evaluate, purchase or renew technology solutions.

University employees are reminded to complete the CheckIT process before making any purchase or contract commitment. Submitting a request after a purchase has already been made can lead to delays, unplanned costs or—in some cases—inability to approve use of the product.

To help ensure timely approvals, CCIT also encourages the actual user or project owner, rather than an administrative assistant or proxy, to submit CheckIT requests. The person who will be using the software or service is often best equipped to answer the technical and usage questions that determine risk and compliance. Requests submitted by individuals without the necessary details slow down the process for everyone.

Recent updates include an expanded exceptions list, particularly benefiting faculty using free research applications on the Palmetto Cluster. If you are in doubt about whether to submit a solution for review, please reach out to itgov@clemson.edu.

Finally, campus users should begin preparing for the end-of-year freeze period in mid-December through the first week of January. New requests during this time will not be processed until the new year.

For more information, including the updated exceptions list and submission guidance, visit clemson.edu/ccit/checkit.

Posted in News

Shred Your Documents At A Free Campus Event

Posted on by ccitnews

On Monday, November 17, 2025 the thirteenth annual Shred Bowl event returns to Clemson University’s campus. This document shred day is a free opportunity for Clemson staff, faculty, students and community members to bring their documents to be destroyed in a safe environment. Document shredding is another way to protect important personal information and is a strongly encouraged best practice. Please note that this event does not include official Clemson University records. Faculty and staff are encouraged to follow the guidelines from Records Management for guidance on any official University records.

This year’s event will occur in the Littlejohn parking lot between 10 a.m. and 2 pm. (219 Perimeter Rd, Clemson, SC 29634). Each vehicle is limited to three (3) boxes (copy paper box or smaller) or three (3) bags (kitchen trash bag or smaller). It is not necessary to remove binder clips, binders, paper clips, rubber bands, or staples. The image below shows where the shred truck will be located:

For more information about this year’s Shred Bowl with Shred 360 event, please visit this link.

Posted in News

AI Summarization Vulnerability

Posted on by Patrick McGee

Artificial Intelligence (AI) continues to grow in popularity as a tool that can help users do all sorts of things. Unfortunately, cybercriminals understand that and are also using AI for their scams.

One of the common ways that people use AI is to have it summarize content, such as an email, a large document or a spreadsheet. But cybercriminals are taking advantage of that AI usage by embedding hidden and malicious AI instructions in files that are unseen by the user.

For example, a user could receive a lengthy email, and they use AI to summarize the message. But embedded in the email could be a hidden, malicious AI prompt that could force your AI program to search for and read other sensitive emails and documents, which could then be sent to the attacker.

Even documents like an Excel spreadsheet that you ask AI to summarize could contain hidden white text on a white background across multiple sheets, which contain AI task modifications and commands that could hijack your AI’s processes and behavior.

To help avoid falling for this type of scam, users should not open files from people that they do not know, nor open a file that they are not expecting. Also, you should carefully consider what content you have AI summarize or process for you, as well as monitor any AI outputs very closely.

A hooded hacker, masked and cloaked in a dark background, holds artificial intelligence circuitry.
Posted in Cybersecurity Alerts

How to update your preferred first name in Microsoft 365 

Posted on by ccitnews

As Microsoft updates are applied, some Clemson University faculty and staff may notice changes to their names on the Microsoft 365 accounts or in Outlook. To modify or revert your first name back to a preferred first name, there are a few steps to follow:

  1. Go to: my.clemson.edu
  2. Click: the top-right profile icon and select “log in”
  3. Log in: using your Clemson credentials
  4. Click: on your profile picture in the upper right corner
  5. Select: “My Profile”
  6. Click: “Set a preferred name”
  7. Review: the information, select “I Agree,” enter your preferred name (32 characters or less, alpha characters, space, or hyphen only), and select “Save”

Please note that these changes may take a day to update across the systems. If you have any additional issues or questions, contact your area’s IT consultant or the CCIT Support Center.  

Posted in News

Accessing Kronos Beginning September 8, 2025 

Posted on by ccitnews

Following a recent update to Kronos, University users will now need to use a new link to log in. The new Kronos URL, effective September 8, 2025, is: https://kronos.app.clemson.edu/

If you currently have the old Kronos link saved in your bookmarks, please update it to the new URL.

For Kronos mobile app users:
If you use the Kronos mobile app (also known as UKG Workforce Central), follow the instructions below to update the server URL within the app settings to the new URL. Open the UKG Workforce Central settings, remove the old server URL and replace it with: https://kronos.app.clemson.edu/wfc

From an iPhone (pictured left):

  1. Open Settings
  2. Select Apps
  3. Select UKG Workforce Central
  4. Paste https://kronos.app.clemson.edu/wfc in the Server URL field.

From an Android phone (pictured right):

  1. Open the UKG Workforce Central app
  2. Tap on the three vertical dots on the bottom menu bar
  3. Select Settings
  4. Select Server Address
  5. Paste https://kronos.app.clemson.edu/wfc in the Server Address field
  6. Select ‘OK’
Kronos app settings for iPhone (left) and Android (right)

Please note that the app may take a few minutes to load after changing the Server URL. Follow these instructions if you need to set up the Kronos app on your device for the first time.

If you are still having issues accessing Kronos via web or mobile, contact the CCIT Support Center or your area’s IT consultant.

Posted in News

SharePoint File Share Fake

Posted on by Patrick McGee

Clemson University users are experiencing an increase in a SharePoint-related cyberattack, like the email pictured below. In this scheme, cybercriminals have likely already compromised a legitimate user and are using the account’s SharePoint site to send a document share email to other users. Sharing files through this method can sometimes circumvent security tools, which could possibly detect these malicious files.

The shared file could be a Word document, a PDF or a similar type of file. The file can contain malware that would infect your computer if you opened it, or it may ask you to log in with your Clemson credentials before you can see the file. This would allow them to steal your login and password information.

To avoid this scam, you should do the following:

  • Always use extra caution before opening any file sent to you, especially if you do not know the sender or if you are not expecting a file.

  • Avoid opening an email attachment file if you see the External Sender banner on any email. Those emails are coming from someone outside of Clemson.

  • Before logging in with your Clemson credentials, you should first verify that the URL has “clemson.edu” as the domain address.

  • If you do receive an email that you are unsure about, please use the Report Phishing button in Outlook, and the CCIT Security Team will be happy to investigate it for you to determine if it is legitimate and safe to open.

Screen shot of email from SharePoint asking to share a file with user. Email has the External Sender banner on it.

Posted in Cybersecurity Alerts1 Comment on SharePoint File Share Fake

First-year laptop set-up workshops to help students prepare for a new semester

Posted on by Tara Stone

Teams of CCIT employees are excited to help new first-year students ensure their laptops are ready for a new semester and academic year. On Friday, August 15 and Tuesday, August 19, students can bring their laptops to workshop sessions for their types of laptops (Windows or macOS). These hour-long sessions will begin at the top of each hour from 10 a.m. through 4 p.m. both days, with the last workshop starting at 3 p.m. each day. These workshops will inform students about CCIT’s software offerings and cover basic set-up topics such as connecting to eduroam for wifi, accessing Adobe products, ensuring their email accounts are working and getting answers to any other questions. Students must register in advance to secure their spot and arrive on time at the start of each session.

View the workshop schedule and register online

Posted in News1 Comment on First-year laptop set-up workshops to help students prepare for a new semester