Tackle Security, Win a Prize at Strawberry Fest

You could win a prize from Information Technology and Services (ITS) at the Syracuse University Strawberry Festival on June 12. ITS’s Information Security team has developed a crossword puzzle challenge that tests your knowledge about protecting your—and the University’s—data and devices.  Download, print, complete and submit the puzzle and you’ll be entered to win a prize. Five lucky faculty and staff members will each win a prize from the eligible entries drawn at the end of the festival.

It’s summer, but don’t take the bait!

Summer is typically an active time for email and online scams targeting universities, university employees and students across the nation. Why? Probably because users spend more time away from email during the summer than during any other season. Spammers and phishers are more successful gaining unauthorized access to users’ sensitive information, catching people off guard when they are more relaxed and vulnerable.

Phishers will send you email messages that appear to be from a trusted source, but actually are not. They will try to get you to click on a link that leads to a familiar-looking but counterfeit website they built to trap you. The website may entice you to enter your log-in credentials, or trick you into installing malicious viruses or malware on your computer or hand-held device.

Don’t fall for these phishing messages! Remember these tips to protect yourself from phishing attacks:

• Be suspicious of any email from senders you don’t know, or that seems out of character for the sender. Verify that the sender is actually who they appear to be before clicking on any links.
• Verify the URL of any link before you click it. Do this by hovering your cursor over the link and examining the URL. If you don’t recognize the URL, don’t click it.
• Never open attachments unless they are from someone you know, or are otherwise expected.
• Delete any suspicious emails before opening them if possible.
• Don’t enter your username and password (especially your Syracuse University NetID and password) to access any website if you are not 100 percent sure of its validity. In particular, you should be suspicious of email messages that have links to sites that ask you to use your SU NetID and password to log in.
• Remember that nobody at SU will ever ask for your NetID or password for any reason, in any form other than when you’re logging in to an SU system. Whenever a link in an email leads to a page that looks like a University system (i.e., MySlice), don’t log in. Open a new browser window, manually enter the known URL of the system in the address window (don’t copy the link from the email) and then log in.
• If somebody does ask for your SU NetID or password, they’re not representing the University or any of its offices. Report any occurrences to itsecurity@syr.edu.

If you need more information, or assistance with verifying any email messages, please do not hesitate to contact your local IT support team (if you’re SU faculty or staff), or the ITS Service Center (if you’re a student) at 315-443-2677 or help@syr.edu.

To receive timely notification from ITS of current information security threats follow @SecureCuse and @SU_ITS on Twitter.