CCIT News and Notices

AI Summarization Vulnerability

Artificial Intelligence (AI) continues to grow in popularity as a tool that can help users do all sorts of things. Unfortunately, cybercriminals understand that and are also using AI for their scams.

One of the common ways that people use AI is to have it summarize content, such as an email, a large document or a spreadsheet. But cybercriminals are taking advantage of that AI usage by embedding hidden and malicious AI instructions in files that are unseen by the user.

For example, a user could receive a lengthy email, and they use AI to summarize the message. But embedded in the email could be a hidden, malicious AI prompt that could force your AI program to search for and read other sensitive emails and documents, which could then be sent to the attacker.

Even documents like an Excel spreadsheet that you ask AI to summarize could contain hidden white text on a white background across multiple sheets, which contain AI task modifications and commands that could hijack your AI’s processes and behavior.

To help avoid falling for this type of scam, users should not open files from people that they do not know, nor open a file that they are not expecting. Also, you should carefully consider what content you have AI summarize or process for you, as well as monitor any AI outputs very closely.

A hooded hacker, masked and cloaked in a dark background, holds artificial intelligence circuitry.

How to update your preferred first name in Microsoft 365 

As Microsoft updates are applied, some Clemson University faculty and staff may notice changes to their names on the Microsoft 365 accounts or in Outlook. To modify or revert your first name back to a preferred first name, there are a few steps to follow:

  1. Go to: my.clemson.edu
  2. Click: the top-right profile icon and select “log in”
  3. Log in: using your Clemson credentials
  4. Click: on your profile picture in the upper right corner
  5. Select: “My Profile”
  6. Click: “Set a preferred name”
  7. Review: the information, select “I Agree,” enter your preferred name (32 characters or less, alpha characters, space, or hyphen only), and select “Save”

Please note that these changes may take a day to update across the systems. If you have any additional issues or questions, contact your area’s IT consultant or the CCIT Support Center.  

Accessing Kronos Beginning September 8, 2025 

Following a recent update to Kronos, University users will now need to use a new link to log in. The new Kronos URL, effective September 8, 2025, is: https://kronos.app.clemson.edu/

If you currently have the old Kronos link saved in your bookmarks, please update it to the new URL.

For Kronos mobile app users:
If you use the Kronos mobile app (also known as UKG Workforce Central), follow the instructions below to update the server URL within the app settings to the new URL. Open the UKG Workforce Central settings, remove the old server URL and replace it with: https://kronos.app.clemson.edu/wfc

From an iPhone (pictured left):

  1. Open Settings
  2. Select Apps
  3. Select UKG Workforce Central
  4. Paste https://kronos.app.clemson.edu/wfc in the Server URL field.

From an Android phone (pictured right):

  1. Open the UKG Workforce Central app
  2. Tap on the three vertical dots on the bottom menu bar
  3. Select Settings
  4. Select Server Address
  5. Paste https://kronos.app.clemson.edu/wfc in the Server Address field
  6. Select ‘OK’
Kronos app settings for iPhone (left) and Android (right)

Please note that the app may take a few minutes to load after changing the Server URL. Follow these instructions if you need to set up the Kronos app on your device for the first time.

If you are still having issues accessing Kronos via web or mobile, contact the CCIT Support Center or your area’s IT consultant.

SharePoint File Share Fake

Clemson University users are experiencing an increase in a SharePoint-related cyberattack, like the email pictured below. In this scheme, cybercriminals have likely already compromised a legitimate user and are using the account’s SharePoint site to send a document share email to other users. Sharing files through this method can sometimes circumvent security tools, which could possibly detect these malicious files.

The shared file could be a Word document, a PDF or a similar type of file. The file can contain malware that would infect your computer if you opened it, or it may ask you to log in with your Clemson credentials before you can see the file. This would allow them to steal your login and password information.

To avoid this scam, you should do the following:

  • Always use extra caution before opening any file sent to you, especially if you do not know the sender or if you are not expecting a file.

  • Avoid opening an email attachment file if you see the External Sender banner on any email. Those emails are coming from someone outside of Clemson.

  • Before logging in with your Clemson credentials, you should first verify that the URL has “clemson.edu” as the domain address.

  • If you do receive an email that you are unsure about, please use the Report Phishing button in Outlook, and the CCIT Security Team will be happy to investigate it for you to determine if it is legitimate and safe to open.

Screen shot of email from SharePoint asking to share a file with user. Email has the External Sender banner on it.

First-year laptop set-up workshops to help students prepare for a new semester

Teams of CCIT employees are excited to help new first-year students ensure their laptops are ready for a new semester and academic year. On Friday, August 15 and Tuesday, August 19, students can bring their laptops to workshop sessions for their types of laptops (Windows or macOS). These hour-long sessions will begin at the top of each hour from 10 a.m. through 4 p.m. both days, with the last workshop starting at 3 p.m. each day. These workshops will inform students about CCIT’s software offerings and cover basic set-up topics such as connecting to eduroam for wifi, accessing Adobe products, ensuring their email accounts are working and getting answers to any other questions. Students must register in advance to secure their spot and arrive on time at the start of each session.

Passwords expiring for many Clemson accounts on July 31 to enhance security

New passwords must be at least 20 characters long, contain no username or blocked words, and can't be detected in a data breach.

To enhance digital security, Clemson Computing and Information Technology (CCIT) is enforcing password expiration for approximately 30,000 Clemson University accounts to help protect data and personal information. While this change will not impact all Clemson users, those who are impacted will receive instructions for the expiration and creation of a new password for their Clemson account. This effort is to strengthen security for accounts that were identified with vulnerable passwords. In the age of artificial intelligence and high performance computing, strong passwords are some of our best defenses against threats or bad actors. 

What to expect

  • CCIT engineers will prompt password expiration for specific accounts on the morning of July 31, 2025. 
  • The identified users will be emailed more detailed information about what to expect. 
  • Users are required to create passwords that meet the new security requirements. 

If you need assistance during the password change process, please contact the CCIT Support Center. Those who are not identified in this round of expiration are also welcome to strengthen their passwords to the more secure passphrase format at any time. 

Report Phishing button change in Microsoft Outlook

Screenshot of the Report button in Outlook

Clemson University faculty, staff and students using Microsoft Outlook for email can now use the generic Report button to report phishing or junk emails. Reporting an email through this method will still send your email to the Clemson Security Operations Center (CSOC) for review and investigation. The Security Shield Report button has been removed from Outlook to help streamline this process.

But if you need to provide additional information beyond just reporting an email, use the Report Phishing Service through the TigerHub system.

Please contact the CCIT Support Center if you have any questions.


Malware in AI Tools

Cybercriminals are leveraging the high interest in artificial intelligence (AI) tools as part of new targeted campaigns. These often appear as “free” AI tools or in false advertisements that link to sites impersonating an official AI site.

If downloaded, the fake AI tool will include a ransomware executable, which will encrypt files and demand payment to unlock the user’s content.

Here are some tips to help avoid falling for this scam:

  • Only download from official websites. Always examine the URL carefully.
  • Be suspicious of “free” tools or offers that seem too good to be true.
  • Research a company or product first before downloading anything.
  • Scan files with security tools before opening them.

If you need assistance with downloading AI tools, please contact your Clemson University IT Consultant.


Copy to Fix Scam

Proofpoint has recently discovered a new attack vector that cybercriminals are using to compromise users’ computers. In this scheme, users are prompted with a notification pop-up on a webpage, in a Word document or when opening a PDF file, saying that there is a problem. And the notification will include a button saying something like “How to Fix” or “Auto-Fix”.

The fake instructions for how to “fix” the problem will typically ask the user to copy and paste some code into Windows PowerShell or the Run dialog box. Because this code is only being copied and pasted, most antivirus software will not have an opportunity to inspect and catch the malicious code. Once this code is run by the victim on their computer, it triggers the download of additional malware and other nefarious activities.

Clemson University users should exercise caution if presented with this error, and it is recommended to reach out to the area’s IT Consultant for assistance.

For additional details, please see the full article on the Proofpoint website.

A screenshot of a  malicious pop-up that tells the user there is something wrong with displaying a page and a button to 'Copy fix' the issue.

Windows 10 To Windows 11 Upgrades For University-Owned Devices

As Microsoft discontinues support for Windows 10 later this year, all University-owned devices running Windows operating systems are forced to upgrade to Windows 11. To ensure you continue to receive important security updates, performance enhancements, and ongoing support, CCIT engineers will be upgrading all University-owned devices currently running Windows 10 to Windows 11

What This Means for You: 

  • Automatic Upgrade: CCIT will handle the upgrade process for you, minimizing any disruption. 
  • Improved Security & Performance: Windows 11 is designed with modern security features and performance improvements to keep your systems running smoothly. 
  • New Features: Enjoy a refreshed interface, productivity enhancements, and better support for hybrid work environments. 

Upgrade Timeline:

A phased approach to upgrades begins on May 15, 2025 and will continue on a weekly basis through August 28. Impacted users will receive an email from CCIT with their scheduled upgrade window. 

If you have any questions or would like to discuss your upgrade timeline, feel free to reach out to your local IT Consultant, or email ithelp@clemson.edu.  

Resources to Help You Prepare:
Here are some helpful resources about Windows 11 and the transition: