Entries Tagged 'Security Tips' ↓

Email Scam Impersonating IRS Targets University Students and Staff

With less than a month remaining of the spring semester, Computing Services wanted to take the opportunity to remind our students and employees of the threats posed by phishing attempts and email scams.

Phishing attempts can be fraudulent emails and telephone calls from someone posing as a trustworthy source in order to obtain sensitive information such as usernames, passwords and financial information. These attacks are on the rise, so it is critical that you remain vigilant about emails or calls you may receive.

We have been notified by our Financial Aid staff about one such phishing attempt. The Internal Revenue Service (IRS) is reporting that an IRS-impersonation scam is targeting university and college students and staff with “.edu” email addresses (see the NASFAA bulletin about this warning here).

These phishing emails display the IRS logo and use various subject lines such as “Tax Refund Payment” or “Recalculation of Your Tax Refund Payment.” It also asks individuals to click a link and submit additional information, such as date of birth, social security, and other personal details to claim their refund.

The IRS would never contact you via email, requesting personal information. If you receive one of these emails, you should not click the link nor provide any information.

Universities can often face an increase in the number of phishing attempts they receive in the build up to busy periods like semester end, so please continue to be vigilant and take the following action to prevent phishing attempts and email scams:

  • Do not open or respond to emails that you suspect as being a phishing attempt or scam.
  • Do not open attachments that have been sent to you by unknown sources or click on unknown links.
  • Be mindful of the sender’s email address and any web links that you are sent – even a single character out of place may mean that it’s fake.

When in doubt, don’t click.

For questions or to report a scam email, contact ASU Computing Services at computingservices@adams.edu or (719) 587-7741.

Today is Data Privacy Day

Millions of people are unaware of and uninformed about how their personal information is being used, collected or shared in our digital society. Data Privacy Day, celebrated on January 28th each year, is an effort to empower people to protect their privacy, control their digital footprint, and escalate the protection of privacy and data as everyone’s priority.

This year’s theme is Own Your Privacy:

  • Personal info is like money: Value it. Protect it. Personal information has tremendous value to businesses, just like money. Make informed decisions about whether or not to share your data.
  • Keep tabs on apps. Many apps ask for access to personal information, such as your geographic location, contacts list, and photo album before you can use their services. Be mindful about who gets that information.
  • Manage your privacy settings. Check the privacy and security settings on web services and apps and set them to your comfort level for information sharing. The National Cyber Security Alliance (staysafeonline.org) has compiled a list of direct links to update your privacy settings on popular devices and online services.

Computing Services is here to help. Feel free to contact us at (719) 587-7741, computingservices@adams.edu, or stop by our Help Desk on the first floor of Nielsen Library.

Have a great day!

ASU Computing Services

Fraudulent Unemployment Claims

Adams State has become aware of several attempts to file unemployment claims with the State of Colorado for individuals who are still employed at the University. These are known as “impostor claims” and there has been an increase across the country in such activity during the COVID-19 pandemic. 

Human Resources has employment verification systems in place for unemployment claims and will contact individuals if a false claim is received. If an employee becomes aware that someone is using their identity to collect unemployment benefits, they should report this immediately to Human Resources.

The State also recommends that the employee:

  • File a police report. You can file a “counter report” with your local police department. As a victim, you have the right to file this report. Filing this report does not mean that the police will investigate, but there will be a record of it on file and you can get a copy of the report for your records.
  • Report identity theft to the Federal Trade Commission at: https://identitytheft.gov/. The FTC’s website includes helpful resources about how to recover from identity theft and how to protect your identity.
  • Create a file where you can keep any records relating to this identity theft in one central place, in case you are notified of other fraud or breaches of your personal information.
  • Check and monitor your credit reports at: http://www.annualcreditreport.com/. Keep in mind, if you have medical coverage with Anthem, you have access to credit monitoring and ID Theft protection. For more information, please visit the Benefits page on the HR website and click on “AllClear ID Protection – Anthem Members.”

Scammers rely on social engineering: In a typical phone scam, an employee will receive a phone call from someone claiming to be from the State of Colorado Department of Labor and Employment. The caller may state that the State has no record of employment and ask for the employee’s social security number so that they can receive unemployment benefits. 

No one from the State of Colorado nor Adams State (including the Human Resources office) will contact employees by phone to request personal or financial information. Any ASU employee who receives a call asking for a social security number or other personal information related to unemployment benefits should hang up immediately.

The Human Resources office is tracking unemployment fraud attempts. Employees who experience any of these problems are asked to send an email to Human Resources at hr@adams.edu or contact (719) 587-7990.

Cybersecurity Awareness: It’s Never Really Over

As we close out National Cybersecurity Awareness Month, we hope that the information and resources we have shared has been useful. While we covered just a few topics to assist you in reducing cybersecurity risks, there are many others to consider.

From using social media safely, employing passphrases to secure your accounts, and enabling two-factor or multi-factor authentication when available, we are each responsible for educating ourselves in ways we can practice good digital hygiene. The National Cyber Security Alliance (https://staysafeonline.org/) is always a great resource; check out these videos and this tip sheet from their Stop.Think.Connect. initiative for additional ideas on how to keep yourself safe online.

While Cybersecurity Awareness Month may be observed every October, we remind you to Do Your Part. #BeCyberSmart. all year long. 

Computing Services is here to help you with cybersecurity and answer any questions you may have. Feel free to contact us at (719) 587-7741, computingservices@adams.edu, or stop by our Help Desk on the first floor of Nielsen Library.

Have a great day!

ASU Computing Services

Cybersecurity Awareness: Phishing ~ Don’t Take the Bait

Did you know that over 90% of all cyberattacks begin with a phishing email?

What is phishing?

Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords. The information is then used to access important accounts and can result in identity theft and financial loss.

How do you prevent a phishing attack?

There are always signs that something’s not right, if you pay attention and educate yourself on what to look for. To help identify a possible phishing attempt, take a look at these Social Engineering Red Flags or check out this video for tips on how to avoid taking the bait.

If you’re unsure who an email is from, even if the details appear accurate, do not respond, and do not click on any links or attachments found in that email. Always avoid sending sensitive information via email.

The best piece of advice: When in doubt, throw it out.

Computing Services is here to help you with cybersecurity and answer any questions you may have. Feel free to contact us at (719) 587-7741, computingservices@adams.edu, or stop by our Help Desk on the first floor of Nielsen Library.

Have a great day!

ASU Computing Services

Cybersecurity Awareness: Ransomware 101

If you’ve been following recent election coverage, you may have heard about how Microsoft took action to disrupt a massive hacking operation that distributes ransomware, which the US government and independent experts have warned is one of the largest threats to the upcoming elections.

So, what is ransomware? According to the National Cybersecurity Alliance (https://staysafeonline.org/), ransomware is a type of malware that accesses a victim’s files, locks and encrypts them and then demands the victim to pay a ransom to get them back. It’s like the “digital kidnapping” of valuable data – from personal photos and memories to client information, financial records and intellectual property – and any individual or organization could be a potential target.

So, how do you avoid ransomware and prevent an attack? Suggestions include keeping a clean machine (mentioned in our last post), protecting yourself with security software, and backing up your data. For more tips, additional resources, and advice for what to do if you’re faced with a ransomware attack, check out this tip sheet: Ransomware 101

Computing Services is here to help you with cybersecurity and answer any questions you may have. Feel free to contact us at (719) 587-7741, computingservices@adams.edu, or stop by our Help Desk on the first floor of Nielsen Library.

Have a great rest of the week!

ASU Computing Services

Cybersecurity Awareness: If You Connect It, Protect It

We all make mistakes – and cybercriminals know this. One big one? Not keeping your software up-to-date. 

Companies put out software patches for a lot of reasons, but a main one is to patch security holes. If you’re not updating, you’re not protected. So do a quick scan of all of your devices – computer, tablets, phones, routers, other connected devices – and make sure they’re running on the latest version of their software. Having the most up-to-date mobile security software, web browser, operating system and apps is the best defense against viruses, malware and other online threats.

Want to make your life easier? Turn on automatic updates so that you don’t have to think about it, and set your security software to run regular scans.

For more tips on how to keep a clean machine, check out this article from Stop.Think.Connect. (https://stopthinkconnect.org/), the global online safety awareness campaign: Keep a Clean Machine.

**Remember: If you connect it, protect it.**

Computing Services is here to help you with cybersecurity and answer any questions you may have. Feel free to contact us at (719) 587-7741, computingservices@adams.edu, or stop by our Help Desk on the first floor of Nielsen Library.

Have a great day!

ASU Computing Services

It’s National Cybersecurity Awareness Month!

October is Cybersecurity Awareness Month, a global effort to help everyone stay protected whenever and however you connect. The overarching theme for this year’s campaign is: Do Your Part. #BeCyberSmart.

The cybersecurity and digital privacy of our students and employees is important and Adams State is proud to support this safety and education initiative. Throughout the month, we’ll share some tips and resources to help you protect yourself and the university while online.

Computing Services is here to help you with cybersecurity and answer any questions you may have. Feel free to contact us at (719) 587-7741, computingservices@adams.edu, or stop by our Help Desk on the first floor of Nielsen Library.

Have a great rest of the week!

ASU Computing Services

Keep Your Halloween Cyber-Trick-Free

As we close out National Cybersecurity Awareness Month on this sunny Halloween, we hope that some of the tips we have shared have been useful. The more you know, the more you are prepared for the monsters, zombies, and mummies that are out there. Whether you’re on your phone, tablet, or computer, remember to Own IT. Protect IT. Secure IT. from things that go bump in the night or lurk in the dark web.

For some cybersecurity horror stories, check out this list of bone-chilling tales from our friends at Panda Security: Halloween Cybersecurity Horror Stories. Or, if you prefer your stories more on the cheesy side, this quick video from our colleagues at the University of Rochester has additional tips to stay safe: “The Top Ten” Movie Trailer.

Computing Services is here to help you with cybersecurity and answer any questions you may have. Feel free to contact us at (719) 587-7741, computingservices@adams.edu, or stop by our offices in the Computing Services building.

Have a great Halloween!
ASU Computing Services

Don’t forget to like us on Facebook!
www.facebook.com/ASUComputingServices

Cybersecurity Tip #3 – Protect IT: if you connect, you must protect

It’s essential to take proactive measures to enhance cybersecurity at home, at work, and when you’re out and about. In previous weeks, we addressed how to best own and secure your personal information. Now, we need to safeguard all of that invaluable data, so here are some tips to help you “Protect IT.”

Keep a Clean Machine:

  • Keep software current – Having the most up-to-date mobile security software, web browser, operating system and apps is the best defense against viruses, malware and other online threats, so keep your software updated to the latest version available. Turn on automatic updates so that you don’t have to think about it, and set your security software to run regular scans. If prompted to update your device, don’t hesitate—do it immediately.
  • Delete when done – Many of us download apps for specific purposes, such as planning vacations, and no longer need them afterwards, or we may have previously downloaded apps that are longer useful or interesting to us. It’s a good security practice to delete all apps you no longer use.

Protect Your Personal Information:

  • Secure your devices – Use strong passphrases, passcodes, or other features such as touch identification to lock your devices. Securing your device can help protect your information if your device is lost or stolen and keep prying eyes out.
  • Now you see me, now you don’t – Some stores and other locations look for devices with WiFi or Bluetooth turned on to track your movements while you are within range. Disable WiFi and Bluetooth when not in use.

For more ideas to help you Protect IT, check out these 5 Steps to Protecting Your Digital Home from the Cybersecurity and Infrastructure Security Agency (CISA) (https://www.cisa.gov/).

**Remember: if you connect, you must protect.**

Computing Services is here to help you with cybersecurity and answer any questions you may have. Feel free to contact us at (719) 587-7741, computingservices@adams.edu, or stop by our offices in the Computing Services building.

Have a great day!
ASU Computing Services

Don’t forget to like us on Facebook!
www.facebook.com/ASUComputingServices