Cybersecurity Awareness and Training Tools
2019 Cybersecurity Awareness Topics
“Phishing” is a tech industry term for a kind of cybercrime where people try to fool other people into sending them money or revealing personal information online. The name comes from the idea of fishing: scammers send a message that acts as bait, hoping to “hook” someone.
How to Identify a Phishing Email
The good news is that you have the power to throw these phish back! Let’s take a minute to talk about what you can do to avoid phishing.
- Just be cautious. Remember the old warning about not talking to strangers? It goes double on the internet, since anyone can pretend to be anyone else and an email from an exciting new friend could actually be a trick. Ask your potential phisher to provide proof or explain their amazing offer in detail, and you’ll trip up an attacker really fast.
- Remember not to share sensitive information through emails. Details like your passwords, credit card numbers and Social Security Number are things that no legitimate company would be asking you for in an email.
- If you suspect you’ve received a Phishing email you can report it to UND UIT via the Phish Notify button in Outlook or calling 701.777.2222
Passwords! They can be a headache, especially when people worry about password safety. Sometimes it seems like that in order to be safe, your password must contain letters, numbers, punctuation, emojis, colors and at least one Egyptian hieroglyph.
How to Create A Strong Password
But the truth is that it’s easier to create a long, strong, safe password than most people think. Let’s take a quick look at a few tips for making a password that will keep your account safe.
- You can use a passphrase instead of a password. Passphrases or sentences will always be longer than a single word (which is good, because government advice now suggests that passwords be anywhere from eight to 64 letters long!) and they stick in your mind better, because they have more meaning.
- Make sure it’s something you can remember without writing down. If you do have to write down your password, make sure to protect that paper really carefully — like locking it in a desk drawer or safe.
- Check your password strength online. Many cybersecurity companies have free password strength checkers available.
- Check out our infographic on shaking up your passphrase protocol and pick up a few good tips on creating and protecting strong passwords.
“Multi-factor authentication” (MFA) is a tech industry term for using different types of verification to get into an account. The idea is that you use multiple things at the same time to really prove that you’re actually you. A password is one example of a factor; a fingerprint is another.
Multi-factor authentication makes it much harder for hackers to break into people’s accounts. If they have one password but not the other one or two factors that they need, then they can’t get into that account after all.
Tips for Authentication
- Check whether you can set it up on any of your accounts. Most accounts that you’d want to protect offer it. In a setup like this, the account will ask for something in addition to a password — usually, sending a text message to your phone.
- Use different types of authentication. There are different types of factors: something you know, something you have and something you are. Use factors from different families for extra protection.
- You can use authenticator apps to easily handle two-factor authentication for multiple accounts.
Staying Safe on Social Media
There are more than four billion people on the Internet today, and many of them use social media to communicate. But while social media can be fun and a great way to chat with friends, it can be risky as well. When people share personal information about themselves, they may become targets for scammers and identity thieves.
However, you can take a few simple precautions to keep yourself and your friends and family safe on social media. Here’s how.
First, always use the strongest privacy settings you can. Check the Settings section of your social media profile and make sure what you’re posting can only be seen by your friends.
Second, think about what you post before you post it. It’s easy for people to misunderstand a joke or a fun meme, especially with billions of people out there who might see it. It’s easy to avoid this, though. Think of your social media as your outfit: there are some things you wouldn’t wear in public because people would laugh or think it wasn’t a good choice.
Apps are part of our lives now. Remember that slogan, “There’s an App for That”? Nowadays, it seems like there really is an app for everything — from games to shopping, fitness, beauty, hobbies and more. No wonder that almost 50% of all smartphone users download at least one new app a month.
Just like with any device or program, though, it’s important to choose and use your apps carefully. Some apps may be scams or contain viruses. Here’s what you can do to keep yourself safe.
First, look out for permissions. Any time you install an app, it’ll ask you to allow it permission to access functions of your device — stuff like the camera, text messaging ability and contacts list. But should a fitness app need to use your camera, or a game need to know who you call? You can click “Deny” to keep an app from getting certain permissions.
Second, get your apps from the official sources. Apple App Store and Google Play have standards for what apps they include, and something from the official store is less likely to cause problems for you.
Today, personal data is more important than ever. Lots of organizations collect information while doing business, and that means if those organizations get hacked, that customer info gets exposed to the world.
Your smarts, though, can make a difference and help protect those people who trust you with their data. Let’s talk about protecting personal and customer information.
First, it’s important to know what you can and can’t collect. You can usually find that information within your department training program and policies. You should also be familiar with the university policy on data classification and information technology standards located at below web link. Being familiar with the types of data such as private or restricted and how to properly identify, store, transmit, and destroy will help ensure compliance, keep data secure, and keep you out of trouble.
Some ways you can help protect personal or sensitive data is to utilize secure means of transmitting such as UND Liquid Files or via VPN connection, controlling access to data by limiting to only those with need to know, not storing private or restricted data on your local hard drive, and deleting data when no longer needed.
Second, be aware of possible trouble. Some data, like email addresses, seems harmless enough, but it can be exploited by a scammer. If someone approaches you and asks for personal or customer information, you’ll be the first line of security between an innocent person and someone wanting to steal their identity. It is okay to be suspicious when someone asks for info.
- UND IT Security
- Educause IT Security
- National Cyber Security Alliance
- DUO Cybersecurity
- US Cert Tips for Non-Technical Users
- Center for Internet Security
When it comes to cybersecurity, knowledge is power. Join us in helping safeguard UND!