Every cybersecurity and IT expert has a unique method of educating the public on protecting themselves and their personal information online. According to one of Marshall IT’s main awareness campaigns, it starts with three words: Stop. Think. Connect.
Marshall IT recommends that students and faculty first stop and think about what is being asked of them, fighting back against the false sense of urgency created by many phishing scams. According to Cutler, many of these emails don’t make sense when viewed with a critical eye.
For example, suppose an email threatens that your financial aid will be taken away in 24 hours. In that case, this is likely a scam, as the Financial Aid Office would most likely reach out multiple times over various forms of communication before taking such a drastic step.
Suppose the victim still feels unsure of the email’s validity. In that case, the next step is to connect by either reaching out to the organization or individual directly or even contacting IT to see their thoughts.
“You’re not going to get in trouble if you call IT and say, ‘I think I might have done something wrong.’ I can say, unequivocally, we want to help that person to get through that because it’s their information, it’s the university’s information, and we all have a stake in making that a good situation.” Cutler said.
From a more general perspective, Jarrell provided a list of recommendations he would give to students interested in protecting their information online.
These include privating all social media accounts, only messaging people you know directly, avoiding advertising emails (even from well-known brands), not clicking links in emails and making passwords at least 16 characters long.
“The greatest password bots can hack a 14-character password in about 11 minutes or less. Once you bump up to 16 characters, it takes those same bots that are working on servers about 23 hours,” Jarrell said.
Because of this, cybercriminals will often give up if their password hack takes more than ten minutes, providing an extra layer of protection for personal information.
Lastly, one of the most potent tools in cybersecurity is two-factor authentication, which requires logins to be performed using more than one device or account, usually involving a confirmation code sent to the user’s phone during the login.
Marshall IT uses this tool extensively to protect emails, and Jarrell argues that it is one of the best tools at an organization’s disposal. However, cybercriminals may also try to find ways around this security message.
A technique known as “smishing” involves fraudulent messages sent over text, and this is one technique cybercriminals may use to try to get into networks that utilize two-factor authentication.
The same techniques for protecting oneself from phishing still apply here, though, and with a critical eye, students and faculty can work to defend themselves on all platforms.
Click Here For The Original Source.
————————————————————————————-