Security Tip of the Week
From the desk of Christian Payton Hinton
Office of Information Security Student Assistant
The information contained in this website is for general information purposes only. The information and articles provided by CSU Office of Information Security and while we endeavor to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on this website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. In no event will we be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website.
This week the U.S. Department of Homeland security reported an increase in cybercrime attempts directed to government agencies.
Sadly, just yeasterday we were apprised by the Georgia Technology Authority (GTA) that a state agency was also the target of an attack.
To address these increases in cybercrime, additional measures to protect against attack include the following:
· Be wary of unsolicited phone calls, visits or email messages from unknown individuals who are inquiring about internal information or information about you or other employees.
· Do not disclose information about our organization to individuals who are not authorized to have the information.
· Do not disclose personal or financial information through email, nor respond to requests for this information via email.
Always remember PURLS when evaluating emails for their legitimacy:
Pretend - Scams may use real logos or appear to originate from people we know and pose as legitimate messages.
Urgency - Scams often convey a sense of urgency or a threat of action if ignored.
Resemblance - Many scams use email addresses resembling familiar legitimate businesses.
Links - By resting your mouse pointer over but not clicking on a link, you can determine if the link matches the text.
Spelling - Many scam emails contain spelling and grammar errors.
Monday, December 4th - Is our CSU Critical Document Shredding Campaign on Main Campus
Faculty & Staff we need you to start gathering your outdated sensitive documents and submitting an eQuest for pick up.
For safety precautions it is best to have outdated official university records destroyed based on the University Records Disposal Guidelines.
Please review your documents and participate in the campaign!
Cyber Tips for Holiday Shopping
Cheers to a cybersecure holiday season! Cyber Monday 2017 – less than two weeks away – is expected to be the biggest shopping day in U.S. history, and roughly 80 percent of adults purchase products online. Mobile has taken over holiday gift giving: last year, half of website visits and 30 percent of online sales were conducted via mobile devices. And technology ranks high on shopping lists, too – from new laptops and gaming systems to tablets, the latest phones and Internet of Things devices like video cameras, toys and appliances.
Whether you are giving the gift of connectivity or using it yourself, don't let hackers mess with the merriment. The National Cyber Security Alliance reminds everyone that all devices connected to the internet must be protected. Read more on Holiday Shopping Tips by StaySafeOnline.
NSCAM: The Internet of Things Wants You!
A career in Cybersecurity is about protecting the internet, a critical resource we all depend on.
If you haven't thought about a cybersecurity career, you'll be happy to know that you are probably more interested than you think.
There are job everywhere for Cybersecurity and not all positions require extensive technical skills
You can learn about Cybersecurity Careers by checking out this: Infographic provided by StaySafeOnline
NSCAM: Inside Your Connected Home
Every day, your house connects to the internet in ways you might not even realize – today's appliances, toys, lighting, TVs, cameras are rapidly advancing in technology. And outside your home, there's so much more that's connected – from your car to the roads you travel on to your whole city.
You can learn about how to protect your connected home by
checking out this: Infographic provided by StaySafeOnline!(PDF)
How Do I Detect an "ADP" Phishing Email?
The University System of Georgia Shared Services Center (SSC) wants to help you protect yourself from
possible "ADP" phishing attempts where people pose as a reputable entity with the purpose
of obtaining your sensitive information.
What Can Happen if My ADP Account is Compromised?
• Your direct deposit account information can be changed to a fraudulent account.
• If the pre-note option is not in place, funds may disperse to the fraudulent account.
• The fraudulent information has the potential to flow into other systems, such as PS Financials and could possibly effect expense reimbursements. Read More (PDF)
Wise giving in the wake of Hurricane Harvey
Consider these tips when asked to give:
- Donate to charities you know and trust.
- Be alert for charities that seem to have sprung up overnight in connection with current events.
- Designate the disaster.
- Never click on links or open attachments in e-mails unless you know who sent it.
- Don't assume that charity messages posted on social media are legitimate.
- When texting to donate, confirm the number with the source before you donate.
- Find out if the charity or fundraiser must be registered in your state.
Credit: Federal Trade Commission
A Costly Low-Cost Trial Offer
You've probably seen online ads with offers to let you try a product – or a service – for a very low cost, or even for free. Sometimes they're tempting: I mean, who doesn't want whiter teeth for a dollar plus
shipping? Until the great deal turns into a rip-off. That's what the FTC says happened in a case it announced
The defendants sold tooth-whitening products under various names, and hired other companies to help them market the products. These affiliate marketers created online surveys, as well as ads for free or
low-cost trials – all to drive people to the product's website. Read more about this scam (PDF)
Sources: Federal Trade Commission
"Free" Computer Scans
Messages telling you to install and update security software for your computer seem to be everywhere. So you might be tempted by an offer of a "free security scan," especially when faced with a pop-up, an email, or an ad that claims "malicious software" has already been found on your machine. Unfortunately, it's likely that the scary message is a come-on for a rip-off.
The free scan claims to find a host of problems, and within seconds, you're getting urgent pop-ups to buy security software. After you agree to spend $40 or more on the software, the program tells you that your problems are fixed. The reality: there was nothing to fix. And what's worse, the program now installed on your computer could be harmful.
Criminals use undetectable "Shimmers" in new credit card scam
Shimmers are thin skimmers that fit inside where you swipe your Credit Card. These devices scan your Credit Cards chip and stores its data
Remember these tips to try and avoid them
- Use the contactless tap-and-go feature on your credit or debit card in stead of swiping or inserting your card.
- Use contactless mobile services such as Apple Pay or
- Samsung Pay to tap and pay.
- If you're withdrawing cash at a bank, go inside to a teller.
- Use ATMs in banks rather than a more vulnerable standalone machine.
- Cover the keypad with your hand when entering your PIN.
- Don't proceed with a transaction if your card encounters resistance when it is inserted.
- Contact the bank, merchant and your card issuer is you suspect your card has been compromised.
References: Fox19 , Themerkle, WTVM, CBS
Cyber Security Tips While on Vacation
When you travel, there probably are a few must-haves in your suitcase: your toothbrush, deodorant,
socks, shoes – you get the idea. But one travel must-have we don't always think about is security.
An identity thief stole my phone!
Identity theft can happen to anyone. A fraud investigator will tell you about their identity theft.
Knowing how to respond will help you if you ever have to recover your identity. Read more about the identity thief.
Source: Federal Trade Commission - Consumer Information
Student loan scam gets an F from the FTC
The costs of student loans and fees can be overwhelming. You might see online ads that promise to help lower your payments or get your loans forgiven. But be wary of companies that make those promises, and never pay an upfront fee. Read more about the scam.