Skip To Content

Security

@@@@

Text Messaging Spam

We are all familiar with spam emails or at least should be. Whether it’s an inheritance from a long-lost relative that requires personal information to process or the Nigerian prince who needs your help getting his money out of the country, at some point, everyone has received a spam email.  Spam however is no longer just an email issue, it has followed technology and is now often showing up in the form of text messages. 

The goal of any scammer is to reach as many people as possible in the cheapest most effective way available and text messaging offers just that. As people have become more dependent on cell phones, texting has in many cases replaced email. This has opened up a new potential delivery method for scammers to take advantage of and it isn’t going away any time soon.  

To help protect yourself remember the following:

  • Delete suspicious messages without opening them

  • Do not click on any links contained in a text message

  • Do not reply to suspicious messages

  • Do not provide any personal information

  • Block numbers that repeatedly send unwanted messages

  • Use an app that filters/blocks spam

  • Report the spam by forwarding it to 7726 (supported by Verizon, AT&T, TMobile, and Sprint) ***Be careful not to click on any links while doing this***



Anitivirus and Antimalware

The terms virus and malware are often used to explain common software threats to computers, but are they the same thing? The answer to this question is a little complicated. While a virus is a type of malware, not all malware is considered a virus.

Malware is an umbrella term used to explain any software designed to harm your computer. Viruses on the other hand are a specific type of malicious software that can spread and self replicate to other programs. So while both terms describe software intended to harm your computer, they are not the same. Since they are not the same we must take different approaches to protect our devices from each of them.

This is where antivirus and antimalware programs come into play. Both are designed to protect your computer against malicious software, but they do not function in the same way. Antivirus tools are designed around the idea of preventing known viruses from ever making it onto your device. Whereas, antimalware tools are geared towards identifying unknown threats and the removal of malicious software that may have already made its way onto your computer.

The real question comes down to whether you need both antivirus and antimalware protection, and the answer is yes. Some antivirus programs are designed to accomplish both tasks, but not all are. So you need to be aware of the level of protection being provided by your antivirus software. If your antivirus does not provide antimalware protection, you should add the additional protection of an antimalware program. Keep in mind, to ensure your software provides the best protection possible it needs to be updated regularly. You can also check with your Internet Service Provider to see if they offer free antivirus software.

 

 

Common eMail Phishing Attempts

We've probably all received them at one point or another - the dreaded "You've been locked out of your account" emails.  Most likely you are familiar with the Nigerian Prince scam that has been around since the 90's, but would you believe that this email scam still traps people for over half-a-million dollars yearly?

Phishing attempts through email are extremely profitable for cyber criminals and a nightmare for the business world.  Having well-educated employees (and students) is nothing less than critical in providing a front-line defense against such attacks.

Below is a list of 10 very common phishing emails; each may have several variants or the wording may be different, but the subject is usually similar.  See if you recognize any of the following:

 

1.  "We've Issued a Refund"

2.  "A Delivery Attempt Was Made"

3.  "We've Detected Unusual Sign-In Activity"

4.  "Urgent Action Required"

5.  "Thank You For Your Purchase"

6.  "Your Information Has Been Compromised"

7.  "We've Locked Your Account"

8.  "Please Change Your Password"

9.  "Update Your Billing Information"

10.  "You've Appeared in a Search This Week"

 

Your best defense against falling victim to one of these misleading emails is knowledge and a bit of common sense.  For example,

“We’ve locked your account…”  Is there any reason why it would be locked?  Did you recently attempt to login and forget your password somewhere?  If not, then why would you get that email?

“A delivery attempt was made…”  This one is a little more tricky because at some point or another, most individuals order products and get them in the mail.  Ask yourself - did I recently order something that I’m expecting? Is there a reason someone would send me a gift? Again, if your situation doesn’t call for it, why would you believe the email?

“We’ve issued a refund…”  If you haven’t returned a product or bought anything that needed to be returned, then why would you be receiving a refund?

These 10 email phishing attempts come in many varieties and there are many more out there with different subjects.  All are attempts at making you react on impulse and click a link or make you give out information that you really don’t need to do.  Best option? Just delete the email without opening it. If you do open it, hover over any links in the address area, subject area, or body (but DON’T click)...does the address that shows up at the bottom of your screen look legitimate?  Does it reflect the company’s name that is implied in the email? Is there a secure “https:” at the beginning of the address?  The old adage, “if it sounds too good to be true, it probably is” also works here.  If it doesn’t look or feel right, it probably isn’t!  Be safe and delete or if you’re still unsure you could always call the company being represented; if it’s a legitimate email they should be able to confirm what you’re seeing.  Stay smart and stay safe!

What's That Link?

Links inside emails don’t always go where they say they’re really going. Emails can be made so that the text says one thing (for example saying the link will go to the Baker website), but instead actually lead you to somewhere completely different. This is very dangerous, especially if the link brings you to a login page. There are a few extra precautions you can take in order to protect yourself from these crafty attacks.

Hover over it. If you hover over a link or a picture inside the email, you are able to see where the clickable is actually taking you. This is displayed at the bottom of the page. Make sure that the website matches where you think it should be going.

When in doubt, don’t click it! If you know where you are supposed to go to make an account change or check the status of an online order, go directly to the website yourself. Navigate to the webpage using your browser and not the link in the email.

Heed the prompts. Gmail, along with other services, will sometimes prompt you if they feel the link is unsafe. Take notice of where the prompt warns that you might be going to. This isn’t a guaranteed pop-up, but it is a second chance to get out safely. In Gmail, the pop-up looks like this:

 

If it looks off, be wary. Let’s say you clicked the link. That’s okay - it happens. There’s still a chance it might not be too late if the link had malicious intent. Suppose the email asked you to log into your Baker account, but the website doesn’t look right. Close the browser window and do not enter your credentials.

Help! I clicked the link, and I entered my username and password!  Don’t panic, accidents happen. Please report the incident to [email protected] so that assistance can be provided. Our IT staff can help safeguard your account and minimize any damages that may have occurred from the incident. The sooner you notify them, the less impact the phishing attack has on both you and Baker College. If it was on a personal account, close the window you’re in and go directly to your account’s website to change your password. Use a new password that hasn’t been used before, and remember - the best security is to keep each password unique.

“Hover, Doubt, Heed.” - With these simple steps, you’re on your way to keeping your information safe and secure from phishing attempts!

 

 

Work From Home

Amidst the coronavirus pandemic, many governments are moving into the “delay” phase of their strategy to fight the virus. This includes social distancing techniques, including closing schools and asking people to work from home. Elsewhere, people are having to(being asked to?) or opting to work remotely to self-isolate or to simply help slow the spread of the virus.

The internet era and progress in technology has made it simple for many of us to carry out our regular duties from the comfort of our couch. That said, this luxury comes with its downsides, mainly by way of online security threats. Not only can remote workers have their own privacy put at risk, working from home could result in breaching company security too. The following steps are recommended to protect yourself while working remotely:

  1. Use strong and unique passwords

  2. Access resources over a secure VPN connection

  3. Set up firewalls

  4. Use an antivirus software

  5. Password protect and encrypt home WiFi 

  6. Install updates regularly

  7. Backup your data to a secure location

  8. Beware of remote desktop tools, unless sanctioned and trusted by your employer 

  9. Look out for phishing emails and sites

  10. Watch out for work-from-home scams

  11. Use encrypted communications when applicable 

  12. Lock your device

The IT staff at Baker College is ready to answer any questions or concerns you may have to safeguard both your machine and your identity.  Please visit our support page for contact information and hours of operation. 

 

@@@@Side

Cyber Security Awareness

Baker College's Cyber Awareness Committee has assembled this informative PDF document to help raise awareness of Cyber Security among Faculty, Staff, and Students.

****

S1