Do you know who you are sharing information with? Take these steps to have more control over who can access, edit, and share your files within Google.

 

Sharing documents from Google programs such as drive, docs, or sheets is one of the primary ways to collaborate in the current work environment. However, if you are not careful you can end up sharing files with THE WORLD. Accidentally disclosing confidential information in this manner could have a wide-reaching impact on both you and your organization. The three ways of sharing Google files are: 

 

  • Restricted: Most Secure Option - Allows only people who are directly invited to collaborate to access the file

  • Baker College: Second best option - Allows anyone with a Baker email address to access the file

  • Anyone with a link: Only use this when necessary - Allows anyone who has the link to access the file even if not directly shared with them

 

It is always a good idea to double-check your share settings. Knowing the different sharing options can drastically increase the security of your documents. For additional information on how to share files, please refer to Share files from Google Drive. To learn how to stop, limit, and change sharing, please visit here.

 

Phishing Safety on Mobile

Smartphones have made it increasingly easy for us to have access to all of our information at the drop of a hat. Emails, instant messaging, texts, phone calls, all in a one-stop-shop; however, this ease of access has a downside. With quick access to our emails, we are more susceptible to phishing attacks that hit us with sensationalized content to spur us to click links. Cable bill suddenly ten times your normal rate? Missed a potentially important shipment? Someone just logged into your account? All of these strike us with a sense of urgency and spur us to knee-jerk click. We want to figure out what is happening, but this puts our information at risk. Do not worry though, there are some steps that you can take while on a smartphone to protect yourself and your data.

Be calm. If an email says URGENT, uses a lot of capital letters to point out that SUDDEN actions are going to be taken unless you IMMEDIATELY respond, then the attacker is trying to trick you into acting first and thinking second. Look for these senses of urgency and think twice before clicking.

Be aware. On most mobile email systems, you are able to tap on or near the name to reveal who the email is from. Look to see if there are any misspellings of common organization names. Zero’s instead of O’s, hyphenated addons like .com-help.ru, or even blatantly wrong names could be an indicator it’s not a real email.

Be sure. Some email apps allow you to tap and hold on a link in an email to give you a full preview of where the link goes. A pop-up window will show you what the full URL is. If the link says it’s taking you to Google in the email, but is actually taking you to g00gle.com-security.ez then it is a phishing attempt. If your email app or phone does not allow this, check the email on your computer so that you can hover over the link instead.

Be safe. If you are receiving a notice from a shipping company, an online store, or a phone or internet company, you can always validate that the information is truly theirs by going directly to their website to verify the information. You can write down a tracking, billing, or order number and visit their website to see if it is a real charge or notice.

With these few steps, you and your information will be safer from the bad guys.

 

Social Media Apps Security

Social media has created a way for people to share what they are doing, important life updates, and sharing funny things or breaking news. With the far reach that it has, bad guys have learned ways to collect your data without you even being aware of the dangers.

A recent trend is the inclusion of apps and connected sessions on social media accounts. You can use them to stay logged into a game or another app across multiple devices, or even use it to create a fun little picture for your profile; however, these connections could have serious security issues tied in with them. 

One such trend was to create a family based on who you interacted with on the social media platform, creating a unique and fun way to connect with your friends. What wasn’t clear to most until further inspection was that the app also took a few extra liberties with permissions the user granted. The first was that it allowed the ability to see your follower list as well as follow accounts on your behalf. This had a two-prong approach - first it allowed the app creators to circumvent the “private” account settings to see what was being posted from accounts as well as see a list of followers. Secondly, it allowed the creator to use the website settings to follow another account, and in private  by muting the account in an attempt to cover its tracks. 

It took a savvy user to realize that they had a list of new followers not connected to their normal trend, and then upon closer inspection of their own account to see the muted account that they had no recollection of ever dealing with.

The best way to safeguard yourself from data collection like this is to review app permissions before granting them access to features on your account. Question why an app that simply changes your profile pic needs access to your follower list or to be able to tweet and follow accounts on your behalf. If something seems to be amiss, don’t allow it access. Next, review your account regularly to make sure that there are no odd posts or people you don’t recognize on your timeline or follower list. By removing these accounts and posts, you have taken steps to secure your account if anything goes wrong. Third, be wary of popular trends. They may seem innocent at first, but it takes very little effort for a viral campaign to generate loads of data for bad guys to collect and sell or misuse themselves.

 

Text Messaging Spam

We are all familiar with spam emails or at least should be. Whether it’s an inheritance from a long-lost relative that requires personal information to process or the Nigerian prince who needs your help getting his money out of the country, at some point, everyone has received a spam email.  Spam however is no longer just an email issue, it has followed technology and is now often showing up in the form of text messages. 

The goal of any scammer is to reach as many people as possible in the cheapest most effective way available and text messaging offers just that. As people have become more dependent on cell phones, texting has in many cases replaced email. This has opened up a new potential delivery method for scammers to take advantage of and it isn’t going away any time soon.  

To help protect yourself remember the following:

  • Delete suspicious messages without opening them

  • Do not click on any links contained in a text message

  • Do not reply to suspicious messages

  • Do not provide any personal information

  • Block numbers that repeatedly send unwanted messages

  • Use an app that filters/blocks spam

  • Report the spam by forwarding it to 7726 (supported by Verizon, AT&T, TMobile, and Sprint) ***Be careful not to click on any links while doing this***




Baker College's Cyber Awareness Committee has assembled this informative PDF document to help raise awareness of Cyber Security among Faculty, Staff, and Students.