Cyber Security Awareness
DIT (the Division of Information Technology) has curated the following cyber security awareness resources for ECSU students.
Protect Your Email Accounts
How You Know You’ve Been Hacked
You might have been hacked if:
- friends and family are getting emails or messages you didn’t send
- your Sent messages folder has messages you didn’t send, or it has been emptied
- your social media accounts have posts you didn’t make
- you can’t log into your email or social media account
In the case of emails with random links, it’s possible your email address was “spoofed,” or faked, and hackers don’t actually have access to your account. But you’ll want to take action, just in case.
What To Do When You’ve Been Hacked
1. Update your system and delete any malware and make sure your security software is up-to-date
If you don’t have security software, get it. (Free AntiVirus/Malware software for ECSU students below). But install security software only from reputable, well-known companies. Then, run it to scan your computer for viruses and spyware (aka malware). Delete any suspicious software and restart your computer.
Set your security software, internet browser, and operating system (like Windows or Mac OS) to update automatically.
Software developers often release updates to patch security vulnerabilities. Keep your security software, your internet browser, and your operating system up-to-date to help your computer keep pace with the latest hack attacks.
2. Change your passwords
That’s IF you’re able to log into your email or social networking account. Someone may have gotten your old password and changed it. If you use similar passwords for other accounts, change them, too. Make sure you create strong passwords that will be hard to guess.
3. Check the advice your email provider or social networking site has about restoring your account
You can find helpful advice specific to the service. If your account has been taken over, you might need to fill out forms to prove it’s really you trying to get back into your account.
4. Check your account settings
Once you’re back in your account, make sure your signature and "away" message don’t contain unfamiliar links, and that messages aren’t being forwarded to someone else’s address. On your social networking service, look for changes to the account since you last logged in — say, a new “friend.”
5. Tell your friends
A quick email letting your friends know they might have gotten a malicious link or a fake plea for help can keep them from sending money they won’t get back or installing malware on their computers. Put your friends’ email addresses in the Bcc line to keep them confidential. You could copy and send this article, too.
What to Do Before You’re Hacked
- Use unique passwords for important sites, like your bank and email
That way, someone who knows one of your passwords won’t suddenly have access to all your important accounts.
- Choose strong passwords that are harder to crack.
Some people find password managers — software that stores and remembers your passwords for you — a helpful way to keep things straight. If you use a password manager, make sure to select a unique, strong password for it, too. Many password managers will let you know whether the master password you’ve created is strong enough.
- Safeguard your usernames and secret passwords
Think twice when you’re asked to enter credentials like usernames and secret passwords. Never provide them in response to an email. If the email or text seems to be from your bank, for example, visit the bank website directly rather than clicking on any links or calling any numbers in the message. Scammers impersonate well-known businesses to trick people into giving out personal information. ECSU will never, never ask for your secret password.
- Turn on two-factor authentication if your service provider offers it
A number of online services offer “two-factor authentication,” where getting into your account requires a password plus something else — say, a code sent to your smartphone — to prove it’s really you.
- Don’t click on links or open attachments in emails unless you know who sent them and
what they are
That link or attachment could install malware on your computer. Also do your part: don’t forward random links.
- Download free software only from sites you know and trust
If you’re not sure who to trust, do some research before you download any software. Free games, file-sharing programs, and customized toolbars also could contain malware.
- Don’t treat public computers like your personal computer
If it’s not your computer, don’t let a web browser remember your passwords, and make sure to log out of any accounts when you’re done. In fact, if you can help it, don’t access personal accounts — like email, or especially bank accounts — on public computers at all. (Also be careful any time you use public Wi-Fi.)
Learn more at the Federal Trade Commission website https://www.consumer.ftc.gov/topics/privacy-identity-online-security
How to Keep Your Personal Information Secure
Protecting your personal information can help reduce your risk of identity theft. There are four main ways to do it: know who you share information with; store and dispose of your personal information securely, especially your Social Security number; ask questions before deciding to share your personal information; and maintain appropriate security on your computers and other electronic devices.
Lookout for Phishing
Phishing is when a scammer uses fraudulent emails or texts, or copycat websites to get you to share valuable personal information – such as account numbers, Social Security numbers, or your login IDs and passwords. Scammers use your information to steal your money or your identity or both.
Lookout for Malware
Malware includes viruses, spyware, and other unwanted software that gets installed on your computer or mobile device without your consent. These programs can cause your device to crash, and can be used to monitor and control your online activity. They also can make your computer vulnerable to viruses and deliver unwanted or inappropriate ads. Criminals use malware to steal personal information, send spam, and commit fraud.
The IT Security Office (ISO) provides focused topic presentations in-person and on
the website. We also curate free resources for the University Community.
Identity Theft is Real
Protect Your Identity:
What can you do to keep your personal info secure? Are identity protection services worth the cost? What about credit freezes? Check out the FTC’s identity theft articles to find out.