Monthly Archives: September 2015

PASSWORDS & SECURING YOUR ACCOUNTS

Passwords are like keys to your personal home online. You should do everything you can prevent people from gaining access to your password. You can also further secure your accounts by using additional authentication methods.

Passwords
When creating a password, make sure it is long and strong, with a minimum of eight characters and a mix of upper and lowercase letters, numbers and symbols.

You should also remember to:
• Not to share your password with others.
• Make your password unique to your life and not something that is easily guessed.
• Have a different password for each online account.
• Write down your password and store it in a safe place away from your computer.
• Change your password several times a year

Other Ways to Secure an Account
Typing a username and password into a website isn’t the only way to identify yourself on the web services you use.
Multi-factor authentication uses more than one form of authentication to verify an identity. Some examples are voice ID, facial recognition, iris recognition and finger scanning.
Two-factor authentication uses a username and password and another form of identification, often times a security code.

over time, more websites will be adopting multi-factor authentication. In some cases, the services may be available, but are not required.

Many email services offer two-step verification on an opt-in basis. Ask your financial institution and other online services if they offer multi-factor authentication or additional ways to verify your identity.

STOP. THINK. CONNECT. Tips:
Secure your accounts: Ask for protection beyond passwords. Many account providers now offer additional ways for you verify who you are before you conduct business on that site.

Make passwords long and strong: Combine capital and lowercase letters with numbers and symbols to create a more secure password.

Unique account, unique password: Separate passwords for every account helps to thwart cybercriminals.

Write it down and keep it safe: Everyone can forget a password. Keep a list that’s stored in a safe, secure place away from your computer.

StaySafeOnline.org “https://www.staysafeonline.org/stay-safe-online/protect-your-personal-information/passwords-and-securing-your-accounts.”

Tips for creating a strong password

“Treat your password like your toothbrush. Don’t let anybody else use it, and get a new one every six months” – Clifford Stoll

Passwords provide the first line of defense against unauthorized access to your computer. The stronger your password, the more protected your computer will be from hackers and malicious software. You should make sure you have strong passwords for all accounts on your computer. If you’re using a corporate network, your network administrator might require you to use a strong password.
What makes a password strong (or weak)?
A strong password:
• Is at least eight characters long.
• Does not contain your user name, real name, or company name.
• Does not contain a complete word.
• Is significantly different from previous passwords.
• Contains characters from each of the following four categories:

Character category Examples
Uppercase letters A, B, C
Lowercase letters a, b, c
Numbers 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
Symbols found on the keyboard (all keyboard characters not defined as letters or numerals) and spaces ` ~ ! @ # $ % ^ & * ( ) _ – + = { } [ ] \ | : ; ” ‘ , . ? /

A password might meet all the criteria above and still be a weak password. For example, Hello2U! meets all the criteria for a strong password listed above, but is still weak because it contains a complete word. H3ll0 2 U! is a stronger alternative because it replaces some of the letters in the complete word with numbers and also includes spaces.

Help yourself remember your strong password by following these tips:
• Create an acronym from an easy-to-remember piece of information. For example, pick a phrase that is meaningful to you, such as My son’s birthday is 12 December, 2004. Using that phrase as your guide, you might use Msbi12/Dec,4 for your password.

• Substitute numbers, symbols, and misspellings for letters or words in an easy-to-remember phrase. For example, My son’s birthday is 12 December, 2004 could become Mi$un’s Brthd8iz 12124 (it’s OK to use spaces in your password).

• Relate your password to a favorite hobby or sport. For example, I love to play badminton could becomeILuv2PlayB@dm1nt()n.

If you feel you must write down your password in order to remember it, make sure you don’t label it as your password, and keep it in a safe place.

Reference: Microsoft.

UITS Spreads Some Community Love!

On Saturday, August 22nd, some of the staff with UITS participated in CSU’s Day of Service! This special day is a way our university gives back to the community so that we can make the city of Columbus just that more beautiful. All students, faculty, and staff are invited to come and participate in various service projects throughout the community for one day. Some of the sites that were visited are the Boys and Girls Club, the Columbus Botanical Garden, the House of Heroes, the Ronald McDonald House Charities, and the list continues!

Thank you to our 2015 sponsor, Waffle House, for providing breakfast and lunch for all participants! A special thank you to the staff at UITS who were able to participate this year. You all did a wonderful job and we’re excited to see what you will be up to next time!

20150822_100656
Barbara Psalmond representing the theme of the day: One Day. One University Community. Making A Difference.

 

 

How to Prevent Phishing Scams

A lot of phishing emails claim to come from legitimate sources or popular websites. The emails often ask the user to enter bank details or other personal information. There are also phishing scam websites which appear exactly like the original websites. Some of these fake websites are so well done that it’s quite impossible to tell them apart unless you look at the URL. Most of these fake websites redirect users to pages with spaces where they have to fill in essential financial information usually used to access bank accounts. Once the phishers get a hold of the information, they can carry out fraudulent monetary transactions. Sometimes, the website may ask the user to fill in personal details like social security number, driver’s license number, and other details which can be used to commit frauds in the user’s name.
While phishing techniques are getting more sophisticated, there are many things which can be done to avoid phishing. Here are some of the anti-phishing techniques.

Check the email Carefully
A phishing email may claim to be from a legitimate company and when you click the link to the website, it may look exactly like the real website. Sometimes, the link may lead you to the privacy policy of the legitimate company or some irrelevant pages. The email may ask you to fill in the information but the email may not contain your name. Most phishing emails will start with “Dear Customer” so you should be alert when you come across these emails. You should know that a legitimate company will not send spam emails. The email may contain the names of fictional personnel who supposedly work in the legitimate company. For instance, you may have received an email from Mr. Don Green who’s the Head of Human Resources at some big company telling you that you have won $3 million. If you want to find out if there’s really such a person working in such a company, you can contact the real company directly. Don’t call the number which is provided in the email. These emails may have an alert notice for a quick response but you must know that it’s just another ploy to get vital information.
Never Enter Financial or Personal Information
Most of the phishing emails will direct you to pages where entries for financial or personal information are required. An Internet user should never make confidential entries through the links provided in the emails.

Identify a Fake Phone Call
Phone phishing is the method in which a phone call is made to the user for the purpose of stealing personal information. For instance, the user may be asked to provide financial details for the refund of money to an account. The phone call may come from a number which appears legitimate but the area code in the phone call can be modified using VOIP technology.

Protection through Software
Anti-spyware and firewall settings should be used to prevent phishing attacks and users should update the programs regularly. Firewall protection prevents access to malicious files by blocking the attacks. Antivirus software scans every file which comes through the Internet to your computer. It helps to prevent damage to your system.
Never Send Personal Information through emails
Never send an email with sensitive information to anyone. Make it a habit to check the address of the website. A secure website always starts with “https”.

Check Bank Details Regularly
To prevent bank phishing and credit card phishing scams, you should personally check your statements regularly. Get monthly statements for your financial accounts and check each and every entry carefully to ensure no fraudulent transactions have been made without your knowledge.

Never Download Files from Unreliable Sources
If you get a message stating a certain website may contain malicious files, do not open the website. Web browsers provide settings to prevent access to malicious web pages and when you try to access a malicious site, an alert message will appear. Never download files from suspicious emails or websites. Even search engines may show certain links which may lead users to a phishing webpage which offers low cost products. If the user makes purchases at such a website, the credit card details will be accessed by the phishers.

By PHISHING.ORG