Cybersecurity Awareness Month : 20 Ways to Stop Mobile Attacks

Don’t let your guard down just because you’re on a mobile device. Be just as careful as you would on a desktop!

WiFi

            • Don’t allow your device to auto-join unfamiliar
              networks.
            • Always turn off WiFi when you aren’t using it or
              don’t need it.
            • Never send sensitive information over WiFi unless you’re absolutely sure it’s a secure network.

Apps

            • Only use apps available in your device’s official
              store – NEVER download from a browser.
            • Be wary of apps from unknown developers or
              those with limited/bad reviews.
            • Keep them updated to ensure they have the
              latest security.
            • If they’re no longer supported by your store,
              just delete!
            • Don’t grant administrator, or excessive privileges
              to apps unless you truly trust them.

Browser

            • Watch out for ads, giveaways and contests that
              seem too good to be true. Often these lead to
              phishing sites that appear to be legit.
            • Pay close attention to URLs. These are harder to
              verify on mobile screens but it’s worth the effort.
            • Never save your login information when you’re
              using a web browser.

Bluetooth

            • Disable automatic Bluetooth pairing.
            • Always turn it off when you don’t need it.

Smishing  (phishing via SMS)

            • Don’t trust messages that attempt to get you to
              reveal any personal information
            • Beware of similar tactics in platforms like What’s
              App, Facebook Messenger Instagram, etc.
            • Treat messages the same way you would treat
              email, always think before you click!

Vishing (voice phishing)

            • Do not respond to telephone or email requests
              for personal financial information. If you are
              concerned, call the financial institution directly,
              using the phone number that appears on the
              back of your credit card or on your monthly
              statement.
            • Never click on a link in an unsolicited commercial
              email.
            • Speak only with live people when providing
              account information, and only when you initiate
              the call.
            • Install software that can tell you whether you are
              on a secure or fake website.

Cybersecurity Awareness Month : Social Engineering Awareness Tips

Here are a few  social engineering awareness tips to remember that will help protect you.

      1.  Criminals won’t just email you, they’ll use SMS,
        phone calls, or even knock on your door. Remain
        vigilant at all times.
      2.  Don’t jailbreak your phone or sideload apps from
        non-approved app stores.
      3.  Lock your computer when leaving it unattended.

Cybersecurity Awareness Month :Free Course “2021 Social Engineering Red Flags”

2021 Social Engineering Red Flags

With our free training module we help you understand this threat and how to keep yourself and your organization safe. Available in 10 languages!

By the end of this course, you will learn:

          • How to recognize red flags, or signs of danger
          • Example scenarios showing cybercriminals’ techniques
          • Actionable steps you can take to protect yourself and your organization

2021 Social Engineering Red Flags Course

Finding IT Services Just Got Easier!

Announcing the new ITS Service Catalog

Widener University Office of Information Technology Services is pleased to announce our first iteration of our Service Catalog. It serves as a new way to access and request information regarding ITS services.

How to Access the Service Catalog?

You can access the Service Catalog by searching on the myWidener portal or using the direct link to the Service Catalog at http://sites.widener.edu/service-catalog/.

What is a Service Catalog?

The Service Catalog provides an organized collection of services that are available to the Widener University community. The web-based Service Catalog offers one location to access information about ITS services, contacts, and resources. While this is currently not an extensive or all-inclusive list, we will continually add services to the catalog, as well as information about each service, such as: how to request a service and links to support information.

Why an IT Service Catalog?

You may be familiar with ITS services, but it can sometimes be difficult to know whom to contact for what. The Service Catalog was developed to:

      • Provide one central source of information in a standard format.
      • Enhance the understanding of what services ITS provides.
      • Improve customer service by integrating with Helpdesk and support activities.
      • Provide a regularly updated web presence for ITS services which are accurate, current, and contains timely information about new and changing services.

How does the Service Catalog Work?

The web-based Service Catalog is broken up by categories and then into services. It was designed as an easy way for customers to navigate the inventory of services.  Each service includes a brief description of what is provided and to whom. Each may also include links to additional information. There is a search function to quickly locate specific services.

How do I provide feedback?

To provide comments and suggestions on our services and the Service Catalog itself, please email itscs@widener.edu. We are especially interested in how we can make the Service Catalog more useful to you!

 

 

Announcing Hypothesis

We are excited to announce that Widener University now has a license with Hypothesis, a social annotation tool installed directly into Canvas. Adding Hypothesis to readings in Canvas supports student success by placing active discussion right on top of course readings, enabling students and teachers to add comments and start conversations in the margins of texts. This integration works seamlessly with Canvas modules, assignments, and the SpeedGrader!

If you would like to get started, below are some resources to implement Hypothesis in your Canvas courses:

Here are a few general Hypothesis resources, all of which could also be shared with students:

If you have any questions about our partnership with Hypothesis, please reach out!

Stand Up to Cyberbullying

Today is International Stand Up to Bullying Day, a special semi-annual event in which participants wear and use pink to take a visible, public stance against bullying.

Stand up to bullying and show your support for your fellow members of the Pride, by using this pink Zoom background for your next class or meeting. The background has been added to Widener’s default Zoom backgrounds and available to select when choosing a virtual background. Don’t see it?  Sign out of Zoom and then sign back in with the SSO option.

Cyberbullying vs. bullying

Cyberbullying is the “willful and repeated harm inflicted through the use of computers, cell phones, and other electronic devices” (from cyberbullying.org).  These elements include the following:

        • Willful: The behavior has to be deliberate.
        • Repeated: Bullying reflects a pattern of behavior, not just one isolated incident.
        • Harm: The target must perceive that harm was inflicted.
        • Computers, cell phones, and other electronic devices: This, of course, is what differentiates cyberbullying from traditional bullying
Anonymity, Distance, and Scope

While often similar in terms of form and technique, the three main differences can make cyberbullying even more devastating: anonymity, distance, and scope.

Because they don’t need to physically confront their victim, the aggressor can hide behind an anonymous username and their target might never know the source of their torment. This anonymity can also embolden those who would never dream of bullying someone in real life.  While acting from a physically distant location, the aggressor doesn’t have to see the immediate effects of their actions. Anonymity and distance allow cyberbullies to be crueler than they ever would be in person.

The scope of cyberbullying and the ability for those hurtful actions to go viral means that a large number of people can participate in the victimization. Technology’s global reach provides a limitless pool of potential targets, aggressors, and witnesses/bystanders.  Victims cannot escape the eyes of their virtual audience, which amplifies their feelings of helplessness and despair.

Why Pink?

The color pink is used in connection with the original campaign started by Travis Price and David Shepherd, two students who took a stand for a fellow student who was bullied for wearing a pink shirt to school.

“David Shepherd, Travis Price and their teenage friends organized a high-school protest to wear pink in sympathy with a Grade 9 boy who was being bullied [for wearing a pink shirt]…[They] took a stand against bullying when they protested against the harassment of a new Grade 9 student by distributing pink T-shirts to all the boys in their school. ‘I learned that two people can come up with an idea, run with it, and it can do wonders,’ says Mr. Price, 17, who organized the pink protest. ‘Finally, someone stood up for a weaker kid.’ So Mr. Shepherd and some other headed off to a discount store and bought 50 pink tank tops. They sent out message to schoolmates that night, and the next morning they hauled the shirts to school in a plastic bag. As they stood in the foyer handing out the shirts, the bullied boy walked in. His face spoke volumes. ‘It looked like a huge weight was lifted off his shoulders,’ Mr. Price recalled. The bullies were never heard from again.”

— Globe & Mail

We’re all Widener

At Widener, the safety & well-being of our community is a top priority. If you have experienced or witnessed bullying, or other forms of discrimination or harassment, there are resources here to help:

Report It
Campus Safety
Counseling & Psychological Services (CAPS)
Student Success & Support

 

Who is Cortana and Why Am I Receiving “Your Daily Briefing” Emails?

Summary: Office 365 users recently began receiving daily Cortana emails. In this article we will explain what these email are, what Cortana can do, and how you can disable it if you choose to.

Who is Cortana?

Cortana is Microsoft’s Artificial Intelligence (AI), promoting it as a personal productivity assistant to help you save time and focus on what matters most. Cortana powers their entire secure cloud, which includes Office 365. Cortana is voice activated.

Why is Cortana Emailing Me?

Your Daily Briefing email is sent to help you stay in control of your calendar and be more intentional with your day. Cortana learns when you get to work and will send the email based upon what it predicts is the start of your work day.

What can Cortana do for me?

Cortana can be found by clicking start and typing “Cortana”, it will ask you to login using your email account. Some of the things that Cortana can do for you:

      • Join a meeting in Microsoft Teams or find out who your next meeting is with
      • Manage your calendar and keep your schedule up to date
      • Create and Manage Lists
      • Set reminders and alarms
      • Open apps on your computer

Not receiving Cortana Emails?

Cortana is data driven, the more data it has the better to predict your needs. If you are not receiving the Daily Briefing emails, not to worry, Cortana just doesn’t have enough data to send them. You may also not be subscribed.

How can I unsubscribe, subscribe or find out if my Cortana is active?

If you do not want to receive Cortana emails, look in the footer of the Daily Briefing email, there you will find an “unsubscribe” button.

To verify if your Cortana is active or to change your subscription. While logged into your Office 365 account, you can go to https://cortana.office.com and change your subscription at any time. 

If you would like to learn more about what Cortana can do for you, please visit the Cortana LinkedIn Learning playlist. You can also search in LinkedIn Learning to find more in-depth tutorials.

Apple iOS14 Release Information

Apple released the iOS14 update, with many new features for iOS devices (iPhone, iPad, iWatch). There has been a lot of confusion about one of the features as they haven’t advertised it well. A new default feature in iOS14 uses a private address when you join a Wi-Fi network. You would have a different private address for each Wi-Fi network that you would connect to. This is an important safety feature especially on public Wi-Fi networks.

We were under the impression that this private address would change every 24 hours, ultimately causing you to have to re-register on Widener’s network . After a full week of testing and working with technical support, we were able to determine that this feature will function on Widener’s Campus Wi-Fi.

The only change with this feature being ENABLED would be that you now have to register your device on each network. This would mostly affect the student population who travel from the residence halls (“wu-secure-resnet”) to the academic buildings (“wu-secure”).

You have the ability to disable this feature. Follow the directions below:

Turn private address off or on for a network

You can stop or resume using a private address with any network. For better privacy, leave the setting on for all networks that support it.

iPhone, iPad, or iPod touch

  1. Open the Settings app, then tap Wi-Fi.
  2. Tap the information button next to a network.
  3. Tap Private Address. If your device joined the network without using a private address, a privacy warning explains why.
    1. Uncheck the Private Address.

Apple Watch

  1. Open the Settings app, then tap Wi-Fi.
  2. Tap the name of the network you joined. If you haven’t joined the network yet, swipe left on its name and tap more .
  3. Tap Private Address.
    1. Uncheck the Private Address.

 

Main Campus Residence Hall “Xfinity on Campus”

Due to a major shift to streaming technologies, as of July 1st, ITS will be taking on the responsibilities to provide cable TV to the Main Campus Residence Halls. Our Operations Department has done an outstanding job in the past, dealing with the logistical nightmare of handling over 1000 coax cables, remote controls, and set top boxes. We are excited to announce a new service that eliminates all of that!

XFINITY ON CAMPUS™

LIVE AND ON-DEMAND STREAMING TV AND DVR POWERED BY COMCAST

XFINITY On Campus™ is a service from Comcast enabling students to watch and record live television or to watch on-demand content directly in a web browser or mobile device with the Xfinity Stream app. The service is provided free as part of Widener University Main Campus Residence Life. For Television Sets, students must purchase a Roku player, from an authorized dealer, listed in details below.

Roku devices must connect to the wu-open-game-stream WiFi network! All other devices can access this service on the wu-secure and wu-secure-resnet WiFi networks.

KEY FEATURES

  • Watch over one hundred HD television channels with searchable program guide.
  • Twenty hours of Comcast DVR. Schedule recording of up to two programs simultaneously and then play them back at any time. Recorded shows can optionally be downloaded to watch off-campus or entirely off-line.
  • Watch thousands of XFINITY On-Demand programs at any time.
  • Optional premium upgrades to add channels, premium networks (including HBO, NFL RedZone and more), sports packages, and international programming.
  • TV Go / TV Everywhere supported for viewing when on-line but NOT on the campus network.
  • Direct access to Comcast to report problems and get help via the Comcast XFINTY on Campus™ portal.

ELIGIBILITY

XFINITY On Campus™ is available to officially enrolled Widener University Main Campus Housing residents only. There are no fees or complicated registration steps required to use the service. Your computer or mobile device must be connected to the Widener Main Campus network to use most features.

Minimum Requirements

  • Exclusively for residents of Widener University Main Campus Housing.
  • Widener user ID and password
  • Active connection on the campus network (wired or wireless)
  • Current versions of Windows and Mac OS X Operating System
  • Current versions of Apple iOS and Android devices
  • Current versions of select Kindle Fire devices
  • Roku Player (or Roku enabled smart TV) to watch on a television set

For more information visit MyWidener and search for Cable TV.

Comcast also provides more information at https://support.xfinityoncampus.com/hc/en-us.

If you are having problems, please contact the ITS Help Desk at (610)499-1047 or submit a quick ticket

 

PHISHING Awareness: [EXTERNAL:] Email Subject Tagging

Phishing is among the top security concerns for Information Technology. Personal identifiable information, the primary target of phishing attempts, falling into the wrong hands can cause both financial and reputation damage to our university, students and its employees. Phishing attacks are often launched by including malicious attachments or links in email. When recipients open these malicious attachments or click on the links, it can spark an attack. Most email scams begin with messages from an external email system.

As part of Widener University’s effort to reduce phishing and other email scams and spoofing, these external email messages will now receive an [External:] tag in the message subject. [External:] email tagging makes it as easy as possible for you to recognize phishing attempts wherever you can.

Avoid being scammed

The best defense to avoid being scammed is to be suspicious of any message asking for sensitive information. If the message seems off, it probably is. Trust your instincts. Phishing attempts can be clever, but they’re easy to avoid if you know the signs.

What is [External:] tagging and how does it work?

Most email scams begin with messages from a non-Widener (external) email system. When tagging is enabled these external email messages will now receive an [EXTERNAL:] tag in the message subject. Many safe and legitimate email messages come from external email systems. The [EXTERNAL:] tag does not mean the message is a scam or malicious, only that recipients should take caution and read carefully. All email originating from outside the university, except for approved services, will be tagged with this [EXTERNAL:] message. See sample below:

What should I do when I see an [External:] email?

Its important to note that an email message with this warning does not necessarily mean the email is malicious, only that the recipient should take caution before clicking any links or attachments included within the email. The [EXTERNAL:] tag means you need to stop and think about this email:

  • Is it from a sender you know?
  • Were you expecting the email?
  • Verify with your friend or co-worker over the phone if you are unsure or if the email seems a bit off.
  • If there is a link in the message, Don’t click it! Instead, hover over the link to verify it is legitimate, or manually enter the known good URL into your browser.
  • Does the message make sense?
  • If you are concerned and unsure, send the message to Phish@widener.edu

Note: A legitimate message would not ask you to provide your credentials to maintain your account access.