 |
 |
Preventing Identity Theft Part 1
In 2008, there were 9.9 million US adult victims to identity fraud resulting in $48 billion in losses and damages according to a study by Javelin Strategy and Research. Financial institutions are developing and implementing new technologies to improve online and physical security of information and communication. Law enforcement is working closely with businesses, the financial sector, and consumers to identify and investigate the crimes and criminals. But there are some things that you can do to protect your personally identifiable information. more . . . |
|
YOUR MAILBOX HAS BEEN DE-ACTIVATED Phishing Scheme
YOUR MAILBOX HAS BEEN DE-ACTIVATED is yet another Email SCAM circulating across campus. ITCS reminds you to be alert for email scams, hoaxes and Phishing schemes. This Phishing scheme requests users to send their user name, password and email address to prevent de-activation of their mailbox. NEVER provide account information, password and other personal identifying information in reply to an email. more . . . |
|
October is National Cyber Security Awareness Month
National Cyber Security Awareness Month (NCSAM), conducted every October since 2001, is a national public awareness campaign to encourage everyone to protect their computers and our nation's critical cyber infrastructure. Avoiding phishing scams is the focal point for the ECU campus this year. Stay tuned this month for security tips and additional resources. more . . . |
|
Don't click the "unsubscribe" link
Spam filters are catching most unwanted e-mail, but some might still reach you. Most spam is designed to get you to respond with your own email or to click a link to "unsubscribe." When you respond or click the "unsubscribe" link, the sender takes your email address and adds it to a SPAM database of active email addresses. You might then start to receive a large amount of SPAM in your inbox. Do not respond or click the "unsubscribe" links. more . . . |
|
Protect Sensitive Data
Identity theft occurs when someone uses your personal information such as your name, Social Security number (SSN), credit card number or other identifying information, without your permission to commit fraud or other crimes. No one wants to go through the hassle of trying to clean up the mess that can occur as a result of identity theft. Therefore, it is to everyone's advantage to ensure that sensitive data is protected. more . . . |
|
Do not allow your web browser to store passwords for you
Web browser programs offer the option of "remembering" your password, but these programs have varying degrees of security protecting that information. A stored password allows any user who has access to your machine to log into your web accounts and even compromise many systems. In addition, there are numerous utilities that can expose that hidden information and actually reveal the password. Therefore, DO NOT check the "remember my password" option on your web browser. more . . . |
|
Email Safety
When a major news event happens, there is usually an increase of cyber criminals sending email with a subject line related to the event and including an attachment containing malware to infect your computer. For example, the United States Computer Readiness Team run by the Department of Homeland Security reported an increase in phishing, spam, and malicious code related to the deaths of Michael Jackson and Farah Fawcett. Staying safe online is always a combination of tools and behavior. Make sure key software such as the operating system and security software is up to date and use good judgment to avoid scams and phishing attempts. more . . . |
|
Why Use BCC?
BCC stands for blind carbon copy and is used to hide the email addresses of the recipients of messages. Benefits to using BCC are: <1> Prevent the harvesting of email addresses from the To and CC fields by Spammers. If you are sending messages to a diverse group of people, do not add their addresses to the To and CC fields but instead use the BCC field. <2> Avoid the embarrassment of someone replying to your message with a response that is NOT appropriate for all recipients on your distribution list. With BCC, the reply will go only to you. <3> Avoid that long list of Forwarded Email messages when recipients on a long distribution list continue to reply to everyone who is CC'd on the emails. Forwarded email messages frequently contain long lists of email addresses that were CC'd by previous senders. more . . . |
|
Could This Happen to You?
Cornell University informed more than 45,000 current and former members of the University community that their sensitive personal information - including name and social security number - had been exposed when a University-owned laptop was stolen. The breach exposed thousands to identity theft, and the University said it will provide free credit reporting, credit monitoring and identity theft restoration services to those affected by the breach. The files on the laptop were not encrypted and the laptop was left by a University employee in a physically unsecure environment, in violation of University's policy.
Don't download data from University Administrative systems to portable devices or local computers. Portable devices must be physically secured. When these practices are not followed, then security breaches like the recent Cornell University incident can happen to YOU! more . . . |
|
Remove Access for Terminated Employees
Do you know as a supervisor, you are responsible for removing computer access for an employee who transfers from your department or terminates from the university? Please review the Account Termination Policy on the ITCS website. The purpose of this policy is to ensure the timely revocation of user's access to core IT resources prior to the employee's transfer or termination date. The supervisor must submit a service request to ITCS by telephone at 328-9866 or by the online system at http://help.ecu.edu. Select and complete the "Account Termination Request" under the Online Forms section. All information will be verified before revoking the terminated employee's account access. more . . . |
|
Phishing Scams
Phishing is a very prevalent Internet scam. Phony websites and email addresses are setup in hopes of tricking the user. more . . . |
|
Account Upgrade/Maintenance Email Scam
ITCS Security is alerting the campus to an e-mail scam. The "Account Upgrade/Maintenance All East Carolina University Webmail Accounts" is yet another e-mail SCAM circulating across campus. Please DO NOT respond to this e-mail that requests you to provide ECU account information. The scam e-mail appears to be from East Carolina University but it is not. ITCS reminds you to be alert for e-mail scams, hoaxes and phishing schemes. more . . . |
|
Twitter, the New Phenomenon
Twitter is a social networking and micro blogging service that allows you to answer the question, "What are you doing?" by sending short text messages 140 characters in length, which are called "tweets", to others, which are called "followers". Users can send and receive tweets through instant messaging, cell phones and the web. more . . . |
|
What is Vishing?
Vishing, like phishing, uses e-mail as an initial contact point, but is designed to have you call a fake, automated answering system, and get you to enter your account number and other sensitive information. The FBI's Internet Crime Complaint Center (IC3) has issued a warning that vishing attacks are on the rise. more . . . |
|
Preventing Identity Theft Part 2
It has been said that identity theft is the largest white collar crime in the history of the United States. In 2008, it was reported by the Federal Trade Commission that victims spent on average $1,200 in out-of-pocket expenses and an average of 175 hours in efforts to resolve the many problems caused by identity thieves. But there are some things that you can do to protect your personally identifiable information. more . . . |
|
Sensitive Data and Mobile Devices
ECU employees have access to, and are responsible for protecting a wide variety of sensitive information such as medical information, credit card numbers, and students? academic records. Failure to take care of this information places people at risk of identity theft, misuse of personal funds, or unauthorized modification of information. The usage of mobile devices such as PDAs, Smart Phones, Blackberrys and laptops by faculty and staff has greatly increased and security on these devices is a growing concern. more . . . |
|
FBI Warns of Hit Man Scammer
The online Hitman scammer who threatens to kill recipients if they do not pay thousands of dollars to the sender, is still sending out thousands of emails and the FBI is again today warning users to ignore the spam and report any incidents to the Internet Crime Complaint Center. more . . . |
|
Help Kids Socialize Safely Online
Help your kids understand what information should be private.
Use privacy settings to restrict who can access and post on your child's website.
Explain that kids should post only information that you and they are comfortable with others seeing.
Remind your kids that once they post information online, they can't take it back.
Know how your kids are getting online.
Talk to your kids about bullying.
Talk to your kids about avoiding sex talk online.
more . . . |
|
Be Wary of Unsolicited Emails!!
Check and make sure your friend sent that great screensaver.A common method of transmitting malware is by infecting some unsuspecting user's computer and then using that computer to infect others. One simple way to do this is for a hacker to hijack your address book and send copies of the malware to everyone in it. Of course, YOU need to be enticed to run the malware, and the best way to do that is to fool you into thinking the attachment is something else. If a friend or acquaintance sends you a "great screensaver" or something like that, which you were not expecting, take a few minutes to confirm that person really sent it. If no,delete it. Visit www.sans.org for additional security tips. more . . . |
|
VERIFY YOUR EMAIL ACCOUNT NOW SCAM
VERIFY YOUR EMAIL ACCOUNT NOW is yet another Email SCAM circulating across universities. ITCS reminds you to be alert for email scams, hoaxes and Phishing schemes. This Phishing scheme requests users to send their password in a reply email. ITCS will NEVER ask you to send your password to them. NEVER provide account information, password and other personal identifying information in reply to an email. Always verify the source of requests for information. You are encouraged to check the IT Security website www.ecu.edu/itsecurity Safe Practices for tips on avoiding being scammed. more . . . |
|
Email Hoax Alert!
Gang Initiation email is just another Email Hoax. ITCS reminds users to be alert for email scams, hoaxes and Phishing schemes. Recently several email scams and hoaxes have been circulating across campus. Do not forward any emails that you are not certain is true. Delete the email. Never open email attachments that you are not expecting. ECU users are encouraged to check our IT Security website www.ecu.edu/itsecurity under Safe Practices for tips on avoiding being scammed. more . . . |
|
A password should be used by only one person.
Passwords are like bubble gum; they are much better when used by only one person. If you share your computer with others, each person should have a unique account, username, and password. Don't allow another user to know or use your password, and don't ask another user if you can use theirs. When it's your turn to use the computer, log the last user off, and log on using your own username and password. When you take a break, don't leave your computer open. Log off or lock it. And remember: Passwords shorter then 8 characters are easy to crack; avoid common words and proper names; and use both uppercase and lowercase letters, numbers, and symbols. more . . . |
|
Can you hear me now? Do NOT trust your cell phone Bluetooth earpiece
Many cell phone Bluetooth hands-free earpieces have a default pin of 0000. A hacker with a Bluetooth antenna can connect to your earpiece and eavesdrop on everything that you are saying. In fact, they can even transmit to it. Think that's unlikely? Check out the YouTube video at: http://www.youtube.com/watch?v=1c-jzYAH2gw
more . . . |
|
IRS Scam Circulating
IRS Refund is just another Email Scam.
ITCS reminds users to be alert for email scams and Phishing schemes. Recently several of these scams have been circulating around to ECU accounts, and we have taken action to block these emails as we identify them. Despite our best efforts, occasionally one may still show up in your email.
Email Scams come in many different forms. If you receive one of these messages, do not respond to it (or any such scam). Delete the message. You can check the Scam Hoax website at http://www.snopes.com/crime/fraud/hitman.asp to determine if it is a known hoax. To avoid Phishing and Scams, do not reply to any email that requests your personal information. Be very suspicious of any email from a business or person that asks for your password, social security number, or other highly sensitive information. Delete the email.
ECU users are encouraged to check our IT Security website www.ecu.edu/itsecurity under Safe Practices for tips on avoiding being scammed. more . . . |
|
Recovering Departmental Data
Access to departmental data is critical to the efficient operation of each department. It is imperative that departments implement procedures to store departmental data centrally to provide access to those who require it. It is also imperative that access to that data is available if the person entering the data is no longer with that department. The following steps will ensure the availability of department data. more . . . |
|
Protect Your Passphrase: It's a Matter of Life and Theft.
Occasionally, your passphrase might expire before you get a chance to change it, or you might get locked out of your accounts due to a technical glitch, so you need your passphrase reset. Since you use your ECU PirateID and passphrase to access accounts―like e-mail and OneStop―that house important and confidential information, you want to be sure that no one but YOU can request a change to your passphrase.
more . . . |
|
Passphrase Safety
A compromised Passphrase can risk disclosure of more than just an individual's e-mail and personal files. It almost always risks disclosure of other sensitive information related to student affairs, personnel issues, and patient care. Always use good practices when creating and using passphrases. more . . . |
|
|
|
|
