Be Cybersafe is…
FIT’s campaign for cybersecurity for our community. For more tips and techniques to increase your cybersecurity visit our IT security page.
Cyberattacks, identity theft, and online scams are all over the news lately. A school might not seem like a likely target, but colleges, along with other institutions, are increasingly in the cross-hairs of global cybercriminals. College databases hold a lot of personal information about students and employees that can be valuable to hackers.
Many attacks against institutions like FIT succeed because of something a community member did (clicking on something they shouldn’t) or didn’t do (use a strong password). That’s why we’re starting a campaign to make everyone aware of what they can do to stay cybersafe. We’ll provide tips, training, and online resources and members of our security team will be at campus events to promote awareness and answer questions. And remember the same practices that protect you at FIT protect you at home.
Why Does Cybersafety Matter?
- Data breaches are expensive: Forbes estimated that the Home Depot breach will cost $10 billion.
- Reputations are damaged: Sony lost the ability to work with key Hollywood artists because of secrets revealed in an email breach.
- Penalties can be severe: If privacy or other requirements are violated, fines can be steep, and funding can be at risk.
- Intellectual property can be lost: Competitors can steal designs and ideas.
- Individuals, as well as institutions, can be victims.
Should you be afraid? Yes!
Can you protect yourself and our community from cyber-criminals? Definitely!
Here are a few quick cybersafety tips to start. There’ll be more to come as the campaign progresses.
- Don’t open emails or attachments that don’t make sense (e.g. “You just won a contest” from a store you don’t shop in).
- Never supply personal information or username unless you’re sure of the identity of the person you’re talking to.
- Don’t download software from untrusted places.
- Change your passwords often and make them hard to guess; don’t use the same password for too many accounts.
Many recent cyberattacks have targeted colleges. Among them:
- The recent hacking of the Democratic National Committee before the election was facilitated by stolen email accounts from a prestigious university.
- At Michigan State University, unknown attackers gained access to a database with records on 400,000 current and former students and stole social security numbers, student ID numbers, and dates of birth.
- Rutgers University was hit with a number of “distributed denial of service” (DDoS) attacks that interrupted some of its systems; the longest lasted five full days. Rutgers had invested $3 million in cybersecurity—but that didn’t prevent the attacks.
- Two University of Southern California hospitals were hit by a ransomware attack that made hospital data inaccessible to employees. Healthcare and financial services companies and even police departments have been forced to pay ransoms to restore data.
So watch your email in the coming weeks for links to cybersecurity training videos and other resources. Be aware—and Be Cybersafe!
FIT and other SUNY campuses have recently seen a number of spoofed requests to open documents in Dropbox. The requests come in email and appear to come from legitimate FIT email addresses, but the “sender” is not someone who would communicate with you over Dropbox and the subject line is blank or nonsensical. The phish […]
The U.S. Internal Revenue Service issued a reminder warning to all employers about an email identity-theft scam that spoofs emails from senior management, payroll or human resource departments to trick employees into revealing sensitive information such as their W-2 forms. Scammers are targeting schools, nonprofits, and other organizations. How the scam works The cyber criminal […]
Cyber criminals are taking advantage of college students looking for work and wanting to make extra money during their limited free time. Scammers target student emails and places students look for work and to connect with employers. Below you will find some of the scams meant to target students looking for a job.
How the Phishing attack works The newest phishing scam is so “efficient” that many experienced technical users have reported falling for it. The scam tricks Gmail users into revealing their login credentials.The phishing attack starts with an email that contains what appears to be an attached PDF document, but is, in reality, an embedded image […]
SUNY has reported that users at many colleges that use Blackboard are receiving emails similar to the one below, trying to get them to download course notes. “Hey guys, I just found some really helpful notes for the upcoming exams for FIT courses at https://oneclass.com/s/signup. I highly recommend signing up for an account now that […]
December 21 Update Earlier this week we informed you that Lynda.com suffered a data breach. Additionally, some of you may have received an email from Lynda.com directly advising you about the breach. In almost every case the information that was exposed was name, FIT email address, and the list of courses taken. Lynda.com also informed […]
In September we shared a warning of a 2014 breach of Yahoo accounts that was discovered this year. On December 14, Yahoo announced that over 1 billion accounts might have been compromised in a separate attack in 2013. As with the previous attack, Yahoo warns, the account information may have included names, email addresses, telephone […]
There has been a recent increase in scams targeting colleges. In a typical scenario, a caller poses as an employee of a big-name computer company such as Microsoft or Dell and tells the victim that their computer is infected with a virus and it needs to be remedied. If successful, the scammer convinces the victim […]
Did you know that scammers could be after your credit card information and your money? Scammers use social media and word-of-mouth to target student populations at U.S. colleges and universities by claiming to offer discounts on school tuition if the student makes a tuition payment via the fraudulent site. The victims are subsequently asked to […]
You may have seen on media outlets that Yahoo has confirmed information from 500 million of its accounts was stolen in 2014. According to Yahoo, the account information may have included names, email addresses, telephone numbers, dates of birth, encrypted passwords and, in some cases, encrypted or unencrypted security questions and answers. Yahoo will contact […]