Security Tip of the Week
The information contained in this website is for general information purposes only. The information and articles provided by CSU Office of Information Security and while we endeavor to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on this website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will we be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website.
Change Your Passwords
It's a well-known fact that passwords have generous money related incentive to cybercriminals. The significance of utilizing secure passwords is gradually increasing as you depend expanding measures of individual data to associations and organizations that can succumb to information breaches and secret passphrase leaks. In spite of the fact that there might be little you can do to counteract a substantial scale information breach, you can avoid potential risk by taking precaution of ensuring you create solid usernames and passwords for your online records.
While changing your password, make sure you follow these steps:
• Make it a sentence that is 12 or more characters long
• Make it unique to that account
• You may also need to contact your bank and other financial institutions to freeze your accounts so that the offender is not able to access your financial resources.
Learn more about Passphrases and Securing Your Accounts
Beware of Tornado Scammers
Recently, Columbus and other surrounding areas were hit with tornadoes that left some significant damage. Many people have been eager to make donations and step in to help. Sadly, there are scammers out there that are looking to take advantage of this unfortunate situation because they know you are at your low and it's easier to try to scam you.
Lookout for some of these fake organizations that are asking for donations through PayPal or Cash App. It has been recommended to only use organizations like Red Cross, Salvation Army, and local churches. You can check their credibility through the bbb.org website or google them to make sure that it is a good charity.
If you have damage from the storms be on the lookout for fake contractors who ask for money upfront, and then end up nowhere to be found. Make sure you validate that these contractors too. Make sure they have a license and make sure they have insurance.
You should not be expected to sign anything right away and if they ask you to do so then that should be a red flag right there.
Lastly, whether you're the storm victim who needs help or someone making donations, the Better Business Bureau says to always make payments with checks or credit cards and not debit. Never pay a contractor upfront in cash because there is no way to keep track of where your money is going.
Disposing of Your Mobile Device
Make sure you are disposing of it safely. Here are some tips from SAN Security Awareness
Risks of Public Wi-Fi
What is public Wi-Fi? Public Wi-Fi allows access to the internet for free and is typically found in places like airports, restaurants, and malls. Logging on to everyday activities like reading an email or checking your bank account could pose a threat to the safety of your personal information.
What are the risks?
• Man in the middle attacks - This is a common network threat where hackers alter the communication between your computer and the service/website you are using.
• Malware distribution - This is a case where attackers will slip some type of malware onto your computer or device without you knowing.
• Snooping and sniffing - This case is when attackers will use special software and devices to assist them with monitoring WiFi signals. This allows them to have full access to everything you are doing online.
• Malicious hotspots - This case is when attackers set up rogue hotspots to trick victims into connecting to what they think is a legitimate network because of the accuracy of its name.
Do's and Don'ts:
• Allow Wi-Fi to auto-connect to networks.
• Log into an account via an app if it contains sensitive information. Instead, go to the website and verify that it uses HTTPS.
• Leave Wi-Fi or Bluetooth on if you are not using it.
• Access websites that hold sensitive info (bank accounts, healthcare accounts).
• Log onto a network that is not protected by a password.
• Disable file sharing.
• Only visit websites using HTTPS.
• Log out of accounts when done using them.
• Use a VPN, to make sure that Wi-Fi connections are made private. Do your research on the different VPNs that you can use.
Data Privacy Day - January 28th
Data Privacy Day is an international effort held annually on January 28 to create awareness about the
importance of privacy and protecting personal information.
The day is officially led in North America by the National Cyber Security Alliance.
Best practices for creating passwords:
Don't use the same password for various accounts and always create a secure password:
- At least one lowercase letter
- At least one uppercase letter
- At least one numerical digit
- At least one of these special characters: @ ! $ ^ * ~ ( )
- At least 10 characters
Have You Been Pwned?
Recent news of major companies hit by data breaches can cause you to wonder if your information has been compromised. Author and ethical hacker Troy Hunt has created the website haveibeenpwned.com to answer that question. Simply enter your email address into this site, and it will tell you whether and where it has been impacted by any breaches.
This is an informational site suggested by the Office of Information Security, and is being provided for general purposes only. Here is a link to the website: Have I been Pwned?