Stay secure during National Cybersecurity Awareness Month

Secure IT! New info for a secure October

It‘s true: bad guys are getting better at stealing personal information from unsuspecting victims. But all is not lost; taking a few proactive steps can help to improve your account and device security. Here are the key messages to “Secure IT.”

 

Shake Up Your Passphrase Protocol

Passphrases can be inconvenient, but they’re important if you want to keep your information safe. Here are some simple ways to secure your accounts through better passphrase practices.

  • Make your passphrase a sentence: A strong passphrase is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember (for example, “I love country music.”). On many sites, you can even use spaces!
  • Unique account, unique passphrase: Having separate passphrases for every account helps to thwart cybercriminals. At a minimum, separate your work and personal accounts and make sure that your critical accounts have the strongest passphrases.
  • Write it down and keep it safe: Everyone can forget a passphrase. Keep a list that’s stored in a safe, secure place away from your computer. You can alternatively use a service like a passphrase manager to keep track of your passphrase.

Double Your Login Protection

Enable multi-factor authentication (MFA) to ensure that the only person who has access to your account is you. Use it for email, banking, social media, and any other service that requires logging in. If MFA is an option, enable it by using a trusted mobile device, such as your smartphone, an authenticator app, or a secure token—a small physical device that can hook onto your key ring.  Who’s offering multi-factor?  Check out a list of services here. (link)

Shop Safe Online

  • Conduct research: When using a new website for purchases, read reviews and see if other consumers have had a positive or negative experience with the site.
  • When in doubt, throw it out: Links in emails, posts and texts are often how cybercriminals try to steal your information or infect your devices.
  • Personal information is like money: value it and protect it: When making a purchase online, be alert to the kinds of information being collected to complete the transaction. Make sure you think it is necessary for the vendor to request that information. Remember, you only need to fill out required fields at checkout.
  • Use safe payment options: Credit cards are generally the safest option because they allow buyers to seek a credit from the issuer if the product isn’t delivered or isn’t what was ordered.
  • Protect your $$: When shopping, check to be sure the site is security enabled. Look for web addresses with “https:// indicating extra measures to help secure your information.

Always Play Hard To Get With Strangers

A malicious email can look just like it comes from a financial institution, an e-commerce site, a government agency – or even Widener University. It often urges you to act quickly, “because your account has been compromised,” “your order cannot be fulfilled” or there is another urgent matter to address. If you are unsure whether an email request is legitimate, try to verify it with these steps:

  • Contact the company directly – using information provided on an account statement, on the company’s official website or on the back of a credit card.
  • Search for the company online – but not with information provided in the email.
  • Pay attention to the website’s URL – Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net).
  • Read Between the Lines – Is the message to you, or to “valued customer?”  Are you the only one in the “TO:” line?  These are common red flags for phishing emails.

As always, if you ever have a question about any computer or device, please call the Helpdesk at x1047, or email at helpdesk@widener.edu.  If you get a phishing or questionable email, please forward it to phish@widener.edu.