As students kick off the fall semester this week, Marquette encourages everyone to conduct a cybersecurity check-up on their devices, online accounts and passwords.
“One of the most common vulnerabilities is using the same password for work, school, banking, shopping, etc. If one site gets hacked and the password database is stolen, the attackers now have access to all your accounts,” says Jeremy Edson, director of information security at Marquette. “Use a separate password for all your accounts and use a password manager to make remembering all those passwords easier. Most modern browsers have a password manager.”
Another issue for students is falling victim to phishing messages — job scams, in particular.
“If something sounds too good to be true, it probably is,” Edson says. “If a prospective employer emails you directly and asks you to reply to a different email address, that’s a huge red flag. Another red flag is if an employer wants you to cash an advance paycheck to send money back or buy supplies of some sort.”
The Office of Information Technology Services suggests following the seven steps below from Stop Think Connect, a global online safety awareness campaign to help all digital citizens stay safer and more secure online.
- Lock down your login
Your usernames and passwords are not enough to protect key accounts like email, banking and social media. Strengthen online accounts and use strong authentication tools — like biometrics, security keys or a unique, one-time code through an app on your mobile device — whenever offered. Enable multifactor authentication for all accounts that support it.
- Keep a clean machine
Keep all software on internet-connected devices — including personal computers, smartphones and tablets — current to reduce risk of infection from ransomware and malware. Edson adds, “All technology has vulnerabilities, and keeping everything updated will protect you from malware, web exploits and in some cases social engineering attacks like phishing, vishing (voice call spam and phishing), and smishing (SMS phishing).”
- When in doubt, throw it out
Links in email, tweets, posts and online advertising are often how cybercriminals try to compromise your information. If it looks suspicious, even if you know the source, it’s best to delete or, if appropriate, mark it as junk.
- Back it up
Protect your valuable work, music, photos and other digital information by making an electronic copy and storing it safely. If you have a copy of your data and your device falls victim to ransomware or other cyber threats, you will be able to restore the data from a backup.
- Own your online presence
Set the privacy and security settings on websites to your comfort level for information sharing. It is OK to limit how and with whom you share information.
- Share with care
Think before posting about yourself and others online. Consider what a post reveals, who might see it and how it might affect you or others.
- Personal information is like money. Value it. Protect it.
Information about you, such as purchase history or location, has value — just like money. Be thoughtful about who gets that information and how it is collected by apps, websites and all connected devices.
If any student, falls victim to a scam, contact the Marquette IT help desk at firstname.lastname@example.org or via phone at (414) 288-7799.