As many of you know, UMBC has had a large number of phishing attacks in the past few weeks. This has resulted in a number of compromised accounts which the attackers are using to setup fake web pages and send out large volumes of spam. In an attempt to better protect accounts from fake web pages, DoIT will be removing permissions from user AFS web volumes for accounts not currently using their web space (http://userpages.umbc.edu/~username).
This will not affect anyone who currently has a web page or stop anyone from creating a web page, but will stop automated attacks and make it more difficult for attackers to setup web pages on people’s accounts. The permission change is minor, and can be easily reversed by anyone wishing to use their web space moving forward.
Directions for how to re-enable your web directory, as well as general information regarding using userpages, can be found at https://wiki.umbc.edu/pages/viewpage.action?pageId=31195980. If you have questions or concerns please contact the Technology Support Center (x53838) and they will be happy to assist you.
Posted: October 21, 2013, 9:53 AM