Cybersecurity Awareness Month : Free Course “2021 Your Role: Internet Security and You”

From our Partners at Knowbe4: This free course is being offered during Cybersecurity Awareness Month.

2021 Your Role: Internet Security and You

With this free training course we help you understand today’s threat landscape and how to make smarter security decisions every day. Available in 34 languages!

By the end of this course, you will learn:

      • A clear understanding of today’s threat landscape
      • How to spot a cyberattack
      • Your role in preventing an attack that would put your organization or yourself at risk

https://training.knowbe4.com/modstore/view/845a6a97-bc8e-4592-8182-ff17ffa8ed70

 

Welcome to Cybersecurity Awareness Month October 2021!

In our uber-connected world, it seems like cybercriminals and malicious links creep around every corner. News stories of ransomware attacks and data breaches costing millions of dollars fly past our feeds almost constantly. We get it; it can be overwhelming. With so much information bombarding us, it can be hard to focus on the right actions to take to keep information secure. That’s why we’re recognizing Cybersecurity Awareness Month this October by sharing tips to stay cyber secure, both at work and at home. To turn away cyber attacks, a little knowledge teamed with critical thinking skills can go a long way!

Stay tuned to our blog site this month as we will be sharing weekly information provided by our InfoSec training service partner KnowBe4. The list below is what will be shared over the month of October.

    • Free Interactive Course: Social Engineering Red Flags
    • Free Interactive Course: Your Role: Internet Security and You
    • Expert-led videos on pretexting and password management
      infographics on avoiding social engineering and cybercrime
    • Cybersecurity awareness tip sheets

Microsoft Defender for Office 365

Microsoft Defender for Office 365

Widener LIS will be enabling Microsoft Defender for Office 365 on June 1st for Widener email (Outlook). All links that are found in an email are scanned by Office 365 protection services to check for security threats.

If an link is found to be unsafe, the user will be alerted with an interface describing the issue. If encountered, please close the web page immediately and continue on with your day knowing you were protected. If you feel like this website has been categorized by mistake, please open a quickticket and we will investigate. Using the “continue anyway” link is never recommended without the explicit direction of a member of the ITS Information Security Team.
click on image for a larger view

Safe Links

When a message contains a clickable image or text, the original address of the link will be replaced with a “safe link”. Safe links always contain the domain name “safelinks.protection.outlook.com/”.click on image for a larger viewSafe links will show you the original URL when you hover over the link. Emails shown in plain text mode will show the full “safe link”.click on image for a larger view

: : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : :

If you have any questions, please open a quickticket.widener.edu or call the HelpDesk at 610-499-1047 for further assistance.

MFA Enforcement Begins May 13th for All Employees

Starting Thursday May 13th, all employee accounts will have Multi-Factor Authentication (MFA) enforced for Microsoft 365 logins which includes Outlook, Teams, SharePoint, and OneDrive.  To make this day a non-issue for you, we are encouraging you to configure your account prior to this date.

Setup your mobile phone device.
Choose your preferred MFA setup instructions from the options listed below under . Call 610-499-1047, option #3 to assist you at any time.

Once completed, your next Microsoft 365 login will prompt you for the MFA action you chose during device setup.

Note: You will not be prompted for MFA while connected to Widener’s Internet or Wi-Fi Network.

Setup instructions for your Phone for MFA :
  Frequently Asked Questions- FAQs
  iPhone App Setup (recommended)
  Android App Setup (recommended)
  Text Verification Non-App Setup
(Can be used by Flip Phones, iPhones, or Android.)
  “Call Me” Non-App Setup (No Mobile Phone )


Anytime you are interested in testing MFA on your account, select one of the optional links below for instruction.
  Test using Safari
  Test using Chrome
  Test using Firefox

Note: You will not be prompted for MFA while connected to Widener’s Internet or Wi-Fi Network while testing.

Phish Alert Button (PAB) Release

We would like to introduce you to the new Phish Alert Button (PAB). Using the PAB helps us keep the university safe. The PAB is automatically deployed to your Outlook Desktop ribbon and Outlook Web App email reading pane command bar. Use this to report any suspected phishing emails. Please select the button whenever you receive a suspicious or potentially dangerous email. Upon selecting the PAB, the email will be deleted from your inbox and forwarded to ITS.

Detailed screenshots of the Phish Alert Button are available here: http://sites.widener.edu/service-catalog/pab/

Thank you for helping to keep our organization safe from cyber-crime.

Widener University
Office of Information Security
wuiso@widener.edu

: : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : :

If at any time you experience any issues with training, please submit a quickticket.widener.edu or call the HelpDesk for further assistance.

Cybersecurity Awareness

More tips for National Cybersecurity Awareness Month – Own IT!

Internet-based devices are everywhere in our lives: at home, school, work and on the go. An “always-on” network gives us ways to create, connect, and share, but also presents opportunities for cybersecurity threats that can compromise our most sensitive personal information.

This week we look at some of the ways to help keep us and our information safe. Here are the key messages to “Own IT.”

Never Click and Tell: staying safe on social media

Share With Care – remember that what you post – if you let it – goes to the whole world.

  • What you post can last a lifetime: Before posting online, think about what others might learn about you and who might see it in the future – teachers, parents, colleges and potential employers. Share the best of yourself online.
  • Be aware of what’s being shared: Be aware that when you post a picture or video online, you may also be sharing information about others or personal details about yourself like where you live, go to school or hang out.
  • Post only about others as you would like to have them post about you: The golden rule applies online as well. Ask permission before you tag a friend in a photo.
  • Own your online presence: It’s OK to limit who can see your information and what you share. Learn about and use privacy and security settings on your favorite online games, apps and platforms.

Keep Tabs on Your Apps: best practices for apps on your devices

  • Always lock your phone! If your phone gets lost or stolen, the first line of defense is a good lock.  Whether that’s a few numbers, a swipe pattern, or your fingerprint, always put something between your data and someone trying to get to it – and set it to auto-lock when you put it down.
  • Think twice if an app wants permission to use personal information (like your location) it doesn’t need before you say “OK.”
  • Pay attention to how much access the app wants – does it want access to your camera?  To your contacts list?  To your file system?  If so, why?  Does a game really need your camera or access to the people you know?  Make sure the app has a good reason for asking.
  • Always use approved app stores for your apps.  It’s not perfect, but apps from Apple and Google get checked for scams, viruses, malware far more  than anywhere else.

Update Privacy Settings on your phone and on social

Mobile devices – including smartphones, laptops and wearables – are always within reach everywhere we go, and they share a lot of information about us and our habits.  Check this link out to learn how to update your privacy settings on your phone and on the most popular online services to keep better control of your info: Managing Your Privacy

Our devices are a part of our lives, and it’s up to us to use them safely.  If you ever have a question about any computer or device, please call the Helpdesk at x1047, or email at helpdesk@widener.edu.  If you get a phishing or questionable email, please forward it to phish@widener.edu.

 


Study the NCSAM Guide for additional info on this and more cybersecurity concepts.

Cybersecurity Month wraps up

Protect IT! Final tips for keeping your data safe

It’s essential to take proactive measures to enhance cybersecurity at home, on campus, at work, and when you’re out and about. In previous weeks, we addressed how to best own and secure your personal information. Now, we need to safeguard all of that invaluable data.

If You Connect, You Must Protect

Turn on automatic updates, if you can, and protect your devices with antivirus software.

Stay Protected While Connected

Before you connect to any public wireless hotspot – like at an airport, hotel, coffee shop or café – confirm the name of the network and exact login procedures with appropriate staff. Avoid sensitive activities (e.g., banking) that require passwords or credit cards.  If you just can’t avoid it, try to use a VPN (Virtual Private Network) connection, whether it’s provided by your employer or one you pay monthly for yourself.

If You Collect It, Protect It

If you’re involved in collecting data for or about people, it’s important that you treat it with care. It is vital that organizations of all sizes take measures to keep customer/consumer data and information safe.

 

Thanks for reading!  As always, if you ever have a question about any computer or device, please call the Helpdesk at x1047, or email at helpdesk@widener.edu.  If you get a phishing or questionable email, please forward it to phish@widener.edu.
 


 
Study the NCSAM Guide for additional info on this and more cybersecurity concepts.

PHISHING : Cybersecurity Awareness

PHISHING

Phishing attacks use email or malicious websites to infect your machine with malware and viruses in order to collect personal and financial information. Cybercriminals attempt to lure users to click on a link or open an attachment that infects their computers, creating vulnerability to attacks. Phishing emails may appear to come from a real financial institution, ecommerce site, government agency, or any other service, business, or individual. The email may also request personal information such as account numbers, passwords, or Social Security numbers. When users respond with the information or click on a link, attackers use it to access users’ accounts

HOW CRIMINALS LURE YOU IN

Creating a strong password is easier than you think. Follow these simple tips to shake up your password protocol:

SIMPLE TIPS:

Play hard to get with strangers. Links in email and online posts are often the way cybercriminals compromise your computer. If you’re unsure who an email is from—even if the details appear accurate—do not respond, and do not click on any links or attachments found in that email. Be cautious of generic greetings such as “Hello Bank Customer,” as these are often signs of phishing attempts. If you are concerned about the legitimacy of an email, call the company directly.

• Think before you act. Be wary of communications that implore you to act immediately. Many phishing emails attempt to create a sense of urgency, causing the recipient to fear their account or information is in jeopardy. If you receive a suspicious email that appears to be from someone you know, reach out to that person directly on a separate secure platform. If the email comes from an organization but still looks “phishy,” reach out to them via customer service to verify the communication.

• Protect your personal information. If people contacting you have key details from your life—your job title, multiple email addresses, full name, and more that you may have published online somewhere—they can attempt a direct spear-phishing attack on you. Cyber criminals can also use social engineering with these details to try to manipulate you into skipping normal security protocols.

• Be wary of hyperlinks. Avoid clicking on hyperlinks in emails and hover over links to verify authenticity. Also ensure that URLs begin with “https.” The “s” indicates encryption is enabled to protect users’ information.

• Double your login protection. Enable multi-factor authentication (MFA) to ensure that the only person who has access to your account is you. Use it for email, banking, social media, and any other service that requires logging in. If MFA is an option, enable it by using a trusted mobile device, such as your smartphone, an authenticator app, or a secure token—a small physical device that can hook onto your key ring. Read the Multi-Factor Authentication (MFA) How-to-Guide for more information.

• Shake up your password protocol. According to NIST guidance, you should consider using the longest password or passphrase permissible. Get creative and customize your standard password for different sites, which can prevent cyber criminals from gaining access to these accounts and protect you in the event of a breach. Use password managers to generate and remember different, complex passwords for each of your accounts. Read the Creating a Password Tip Sheet for more information.

• Install and update anti-virus software. Make sure all of your computers, Internet of Things devices, phones, and tablets are equipped with regularly updated antivirus software, firewalls, email filters, and anti-spyware.
 

For more information on ways you can safeguard your information, visit the National Security Agency’s Cybersecurity
Information page.