It’s National Cybersecurity Awareness Month! The Office of Information Technology wants you to stay safe and secure
October 22, 2019
Early in the semester we saw the highest ever number of connected devices on the campus network. Peaks have seen over 25,000 concurrent clients on wireless alone. With a major shift toward the Internet of Things (IoT), there is an increased threat of cyber-attacks both on and off campus.
October is National Cybersecurity Awareness Month and the best way to deal with a cyber-attack is to protect yourself from becoming a victim in the first place. To do this, we have four cyber safety tips to share with you.
Learn how to spot a phishing attack – beware of suspicious emails
Phishing is the attempt to gain personal information, such as passwords and bank information, through malicious emails. At first glance, these emails may appear to be from a reputable source, like someone you know. However, they are written by malicious actors who are counting on you being distracted when reading them. They attempt to create a sense of urgency, hoping that you’ll act without slowing down and thinking things through. Often, the emails are poorly written with grammar and spelling mistakes.
They may come from email addresses that look familiar but when you hover your mouse over them to view the actual address, they turn out to merely be look-alikes. For instance, they might come from email@example.com instead of @unr.edu.
If you question the validity of an email, please do not respond or take any requested actions, including clicking any links. Instead, forward the email to firstname.lastname@example.org where a member of the Information Security team can evaluate the legitimacy of the email.
Create strong passwords (or use a password manager!)
Strong passwords are one of the most powerful ways to protect your accounts and devices. The best practice is to use passphrases – a sentence that you turn into a password that can also be combined with numbers and symbols. Make sure that your password is more than 8 characters long, contains a mix of characters, never contains personal information, and that you never share it with anyone.
You want to be sure to change passwords frequently. On occasion, old password information has been hacked and stolen from companies. Malicious actors can gain access to other accounts if you are utilizing the same compromised password. It is imperative to not only use unique passwords for every account, but to also change any passwords that appear to have been breached.
If remembering multiple, complicated passwords seems like a daunting task, there are password manager services offered free of charge that can help you create, store and manage your passwords and your recovery information for multiple accounts. Learn more about password managers on Information Security’s Password Manager webpage.
Log out! Never walk away from an unlocked computer on campus
Our campus is public, which means anyone can come here at any time. Protect yourself from malicious actors by making sure you never walk away (even just for a moment to print something) without locking your computer screen or logging out. Public workstations are one of the most vulnerable places for cybersecurity so you want to make sure you don’t save passwords to browsers when using public workstations, don’t save personal documents on the hard drives, and don’t leave your computer logged in and open, ever.
Know the latest scams – including the gift card scam
One of the most popular scams currently circulating involves gift cards and your boss. The malicious actors target organizations by figuring out who is in charge, making accounts that appear to be from the boss, and then sending a targeted string of emails to the employees. They usually suggest that the boss is in a meeting and cannot be reached via phone, but that they urgently need you to either buy and send gift cards or to transfer funds to a certain account. When you see this, immediately forward the email to email@example.com and delete the email from your inbox. Don’t reply to the emails, and certainly don’t buy the gift cards or transfer funds.
When you practice safety with your cyber activity, you’re less likely to become the victim of a cyber-attack. Knowing the dangers, looking for the signs, and taking preventative measures to protect yourself can save you time, money, effort and keep your information secure. For questions regarding information security, please contact firstname.lastname@example.org where a member from the Information Security team can assist.
If you’d like to participate in free online, self-paced security awareness training for faculty and staff, please visit the Information Security Training webpage. Please note: In order to enroll in a course, employees must have a valid NetID and institutional email address. In addition, student employees must have a valid NetID and UNR Gmail address.