10/01/2024
Dear members of the Puget Sound community,
October is Cybersecurity Awareness Month, a global effort to provide education about online safety and how we can #SecureOurWorld. Throughout the month, Technology Services will provide opportunities for you to sharpen your cybersecurity skills and share essential tips on how you can stay safe online. For additional details and to sign up for learning opportunities, please visit pugetsound.edu/CAM2024.
This week’s learning opportunity spotlight: Detecting Misinformation
Come learn about detecting misinformation and ways to counter it! Collins librarians will provide an overview of how misinformation functions in the digital age, share strategies for spotting it, and facilitate discussion to help you decide how much you can trust the online information you encounter.
Location: LI-017 or Zoom (register here to join virtually)
Time: Thursday, October 3 at 11 a.m.
This week’s security tip: Social Engineering
Instead of using sophisticated technical tools and techniques to hack into systems and accounts, cyber attackers most commonly rely on an effective and easy method called social engineering. Social engineering is a psychological attack that aims to deceptively manipulate you into inadvertently divulging sensitive information, installing malware, giving away your money, or other harmful actions. These scams may appear in a variety of forms - emails, phone calls, text messages, social media posts, direct messages, advertisements, or even in person - and at first glance, often seem to be from a trusted source.
The key to combating these attacks is to Recognize, Resist, and Report.
Recognize red flags and common clues
- Urgent or emotionally appealing language (e.g. account suspension, overdue fees, family member in trouble)
- Email addresses that do not match the alleged sender, or when an email appearing to be from a campus member or legitimate company comes from a personal email address like @gmail.com or @outlook.com
- Requests for sensitive personal or financial information (e.g. a Google Form with a field for your password, caller asking for your health insurance policy number)
- Unsolicited or unexpected contact from individuals impersonating government entities, HR, IT, or well-known companies
- Suspicious hyperlinks, shortened URLs, or unexpected attachments (e.g. micr0soft[.]com, bit[.]ly/a12bc3)
- Piquing your curiosity or something too good to be true (e.g. delayed package, remote jobs, free instruments)
Resist the urge to act immediately
- Stop to investigate and take a closer look, or ask Technology Services
- If you suspect someone is trying to trick you or you doubt the legitimacy of a communication, play it safe and trust your spidey-sense
- Look up another way to contact a company or person directly like finding information on a company’s website or calling an individual at a known number
Report phishing and other scams
- Help stop scammers and keep others safe by telling someone
- If you receive phishing emails to your university account, be a hero and report it using the Phish Alert Button
- Most platforms have options to report phishing, mark as spam, block a number, etc
- After reporting, simply delete the message and do not reply or try to unsubscribe
Additional Resources
Ready to apply this knowledge? See if you can catch the simulated phishing email this month! Treat it as you would a real phishing message. As a bonus, campus members who report the message using the Phish Alert Button will be selected to receive an exclusive sticker, free drink from DES, or a Logger Store gift voucher.
We are excited to engage with you this month as we explore easy ways to stay safe online. For more information, please visit pugetsound.edu/CAM2024.
Thank you,
Technology Services
TS Service Desk
Walk-In Support: Tech Center in Collins Library
Phone Support: 253.879.8585
Online Help: https://support.pugetsound.edu/
Email Support: servicedesk@pugetsound.edu