Cybersecurity Awareness Month : Password Security Tips

Here are a few password security tips that you should adhere to for good security practices.

      1. Use multifactor authentication (MFA) where
        possible to protect valuable data and content.
      2. Consider using a password manager program to
        ensure that you have long and unique
        passwords for every website and service.
      3. Change the factory default passwords on your
        devices such as WiFi routers, or any other smart
        devices.

Cybersecurity Awareness Month : The Red Flags of Rogue URLs

Spotting malicious URLs is a bit of an art. The examples represented here are some of the common tricks used by hackers and phishers to fool users into visiting malicious websites. The methods shown here could be used by legitimate services, but if you see one of these “tricks” you need to make sure you’re dealing with the organization you think you are.

Look-a-Alike Domains

Slight Misspellings
          • Microsoftnline
            <v5pz @ onmicrosoft . com>
          • www.llnked in.com
Brand name in URL, but not real brand domain
          • ee.microsoft.co.login-update-dec20.info
          • www.paypal.com.bank/logon?user=johnsmith@gmail.com
          • ww17.googlechromeupdates.com/
Brand name in email address but doesn’t match brand domain
          • Bank of America
            <BankofAmerica@customerloyalty.accounts.com>

URL Domain Name Encoding

      • https://%77%77%77.%6B%6E%6F%77%62%654.%63%6F%6D

Shortened URLs

      • When clicking on a shortened URL, watch out for malicious redirection. https://bit.ly/2SnA7Fnm

Domain Mismatches

      • Human Services.gov
        <Despina.Orrantia6731610@gmx.com>
        https://www.le-blog-qui-assure.com/

Strange Originating Domains

      • MAERSK
        <info@onlinealxex.com.pl>

Open Redirectors

URLs which have hidden links to completely different web sites at the end.

      • t-info.mail.adobe.com/r/?id=hc347a&p1=evilwebsite .com

 

Cybersecurity Awareness Month : Social Engineering Awareness Tips

Here are a few  social engineering awareness tips to remember that will help protect you.

      1.  Criminals won’t just email you, they’ll use SMS,
        phone calls, or even knock on your door. Remain
        vigilant at all times.
      2.  Don’t jailbreak your phone or sideload apps from
        non-approved app stores.
      3.  Lock your computer when leaving it unattended.

Cybersecurity Awareness Month : Free Course “2021 Your Role: Internet Security and You”

From our Partners at Knowbe4: This free course is being offered during Cybersecurity Awareness Month.

2021 Your Role: Internet Security and You

With this free training course we help you understand today’s threat landscape and how to make smarter security decisions every day. Available in 34 languages!

By the end of this course, you will learn:

      • A clear understanding of today’s threat landscape
      • How to spot a cyberattack
      • Your role in preventing an attack that would put your organization or yourself at risk

https://training.knowbe4.com/modstore/view/845a6a97-bc8e-4592-8182-ff17ffa8ed70

 

Welcome to Cybersecurity Awareness Month October 2021!

In our uber-connected world, it seems like cybercriminals and malicious links creep around every corner. News stories of ransomware attacks and data breaches costing millions of dollars fly past our feeds almost constantly. We get it; it can be overwhelming. With so much information bombarding us, it can be hard to focus on the right actions to take to keep information secure. That’s why we’re recognizing Cybersecurity Awareness Month this October by sharing tips to stay cyber secure, both at work and at home. To turn away cyber attacks, a little knowledge teamed with critical thinking skills can go a long way!

Stay tuned to our blog site this month as we will be sharing weekly information provided by our InfoSec training service partner KnowBe4. The list below is what will be shared over the month of October.

    • Free Interactive Course: Social Engineering Red Flags
    • Free Interactive Course: Your Role: Internet Security and You
    • Expert-led videos on pretexting and password management
      infographics on avoiding social engineering and cybercrime
    • Cybersecurity awareness tip sheets

Microsoft Defender for Office 365

Microsoft Defender for Office 365

Widener LIS will be enabling Microsoft Defender for Office 365 on June 1st for Widener email (Outlook). All links that are found in an email are scanned by Office 365 protection services to check for security threats.

If an link is found to be unsafe, the user will be alerted with an interface describing the issue. If encountered, please close the web page immediately and continue on with your day knowing you were protected. If you feel like this website has been categorized by mistake, please open a quickticket and we will investigate. Using the “continue anyway” link is never recommended without the explicit direction of a member of the ITS Information Security Team.
click on image for a larger view

Safe Links

When a message contains a clickable image or text, the original address of the link will be replaced with a “safe link”. Safe links always contain the domain name “safelinks.protection.outlook.com/”.click on image for a larger viewSafe links will show you the original URL when you hover over the link. Emails shown in plain text mode will show the full “safe link”.click on image for a larger view

: : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : :

If you have any questions, please open a quickticket.widener.edu or call the HelpDesk at 610-499-1047 for further assistance.

MFA Enforcement Begins May 13th for All Employees

Starting Thursday May 13th, all employee accounts will have Multi-Factor Authentication (MFA) enforced for Microsoft 365 logins which includes Outlook, Teams, SharePoint, and OneDrive.  To make this day a non-issue for you, we are encouraging you to configure your account prior to this date.

Setup your mobile phone device.
Choose your preferred MFA setup instructions from the options listed below under . Call 610-499-1047, option #3 to assist you at any time.

Once completed, your next Microsoft 365 login will prompt you for the MFA action you chose during device setup.

Note: You will not be prompted for MFA while connected to Widener’s Internet or Wi-Fi Network.

Setup instructions for your Phone for MFA :
  Frequently Asked Questions- FAQs
  iPhone App Setup (recommended)
  Android App Setup (recommended)
  Text Verification Non-App Setup
(Can be used by Flip Phones, iPhones, or Android.)
  “Call Me” Non-App Setup (No Mobile Phone )


Anytime you are interested in testing MFA on your account, select one of the optional links below for instruction.
  Test using Safari
  Test using Chrome
  Test using Firefox

Note: You will not be prompted for MFA while connected to Widener’s Internet or Wi-Fi Network while testing.