There are ever-increasing threats from state-sponsored cyber operators who are trying to access your systems and information to use them for their nefarious purposes.
Here are four simple steps that can help keep you safe.
1. Phishing emails and text messages are the number one way for bad operators to get malware on a system or steal login credentials.
- Avoid clicking on hyperlinks in unexpected emails/texts.
- Hover over links to verify authenticity.
- Also ensure that URLs begin with “https.” The “s” indicates encryption is enabled to protect users’ information.
- Don’t be bullied. Don’t let the person sending the message trick you into doing something you wouldn’t normally do.
- Like giving out personal or financial information because you need to act now.
- Or just because they say that they are from the government/Bank/Microsoft and you need to validate this information now.
2. Keep your systems up-to-date.
- Make sure to install all security updates provided by your system's OS vendor.
- Microsoft releases updates the second Tuesday of each month.
- Apple, Android, and Linux release security updates as needed.
- Check the applications you have installed on your systems for security updates.
- Most apps have a "check for update" or an "about" menu choice that will check if there is a new version available.
- Uninstall apps you no longer use. Just because you no longer use it doesn’t mean the bad operators can’t.
3. Make sure your computer’s antivirus (endpoint protection) software is running and is up to date.
4. Trust your gut. If something doesn’t feel right, slow down and don’t do anything fast. Speed is the bad operator’s friend. Slowing down and thinking is yours.
- Your bank is calling about a problem. Call them back on a validated phone number.
- “Thanks for the purchase please call this number to dispute the expense” type message. Check your account the normal way. Was there a debit from your account? No, then no problem.
- Never give your personal or financial information on a phone call, email or text message you didn’t start.
- If you are already logged into your account you should not have to log in again to read a document.
You can report any suspicious email by forwarding them to Danny Fox, Senior Information Technology Security Officer, at dfox2@su.edu.