Skip to main content
  • Home
  • About
  • Faculty Experts
  • For The Media
  • ’Cuse Conversations Podcast
  • Topics
    • Alumni
    • Events
    • Faculty
    • Students
    • All Topics
  • Contact
  • Submit
Campus & Community
  • All News
  • Arts & Culture
  • Business & Economy
  • Campus & Community
  • Health & Society
  • Media, Law & Policy
  • STEM
  • Veterans
  • University Statements
  • Syracuse University Impact
  • |
  • The Peel
  • Athletics
Sections
  • All News
  • Arts & Culture
  • Business & Economy
  • Campus & Community
  • Health & Society
  • Media, Law & Policy
  • STEM
  • Veterans
  • University Statements
  • Syracuse University Impact
  • |
  • The Peel
  • Athletics
  • Home
  • About
  • Faculty Experts
  • For The Media
  • ’Cuse Conversations Podcast
  • Topics
    • Alumni
    • Events
    • Faculty
    • Students
    • All Topics
  • Contact
  • Submit
Campus & Community

Navigating Cybersecurity: How to Be Your Own Human Firewall

Thursday, October 10, 2024, By Christine Grabowski
Share
Information Technology Services
Hands typing on a laptop keyboard

Photo by Marilyn Hesler

Andrew McClurg, with Information Technology Services (ITS), is often asked how people can stay safe online to protect against scams and hackers. He breaks it down to some basic points to remember.

“I always focus on four main things: passwords, multi-factor authentication (MFA), keeping software updated and knowing how to spot phishing emails and how to report them,” says McClurg, an IT analyst with the Information Security (InfoSec) team.

Person with glasses wearing a navy blazer and plaid shirt, smiling at the camera.

Andrew McClurg

SU News caught up with McClurg for a Q&A on the best tips during Cybersecurity Awareness Month. Established in 2004 by Congress and the White House, the initiative raises awareness about cybersecurity’s importance and ensures people have the resources to be safer and more secure online.

For the University, InfoSec team members do everything they can to keep your experience online as safe as possible. As part of securing users and their data, the University has firewalls in place; these are security systems that monitor and control network traffic to protect a computer or network from cyberattacks. The challenge, however, is that hackers are getting smarter than ever. To stay safe online, you need to be your own human firewall.

What does that look like exactly? McClurg explains.

What can we do to keep our passwords safe?

  • Make sure all your passwords are unique across your accounts.
  • Create complex passwords.
  • Use long memorable phrases or song lyrics with numbers and special characters.
  • Never share your passwords with others. ITS staff will never ask for or need your password to assist you.
  • Setup a password manager to keep track of and monitor your passwords. This will suggest strong passwords, alert you to passwords that have appeared in data leaks and flag passwords used across accounts.

Why should we enable MFA?

MFA adds an extra layer of security to your accounts by requiring a second form of verification, such as a code or login approval request sent to your mobile device or email, in addition to your password. MFA requests could also require a biometric component, such as a fingerprint or facial recognition. The University requires the Microsoft Authenticator. Something important to keep in mind is that you should never share your MFA codes with others and ITS staff will never ask for or need your MFA code to assist you.

Want to learn more about MFA? Visit our Answers page.

How do software updates play a role in keeping devices secure?

In addition to new features and general maintenance, software updates often include security patches that close vulnerabilities that bad actors might use to install malware, steal data or launch other types of attacks. It is recommended to keep your systems updated to strengthen your security posture. Often operating systems (e.g. Windows, macOS, Android, iOS) and some software offer automatic updates to make this process easier for the user.

What is a phishing email and what should I do if I receive one?

Phishing emails are a common tactic used by cybercriminals to steal sensitive information. You should be wary of unexpected emails, especially if they ask for personal information, create a sense of urgency or contain suspicious links/attachments.

If you receive a suspicious email, be sure to consider the following:

  • Does the URL look right?
    • On your smartphone or tablet, press the link and hold down until a dialog box appears containing the URL.
    • On your computer, hover over the link with your mouse. The URL will usually appear in the lower-left corner of your window.
  • Does the login screen look right? Do not enter your NetID and password unless you are certain it is safe.
  • Are you expecting the document or link? Be suspicious of unexpected emails sharing documents and links. If you are not sure, contact the sender (preferably via text message, phone or an alternative email address) and ask if they shared a document with you.
  • Do you know the person sharing it? Consider the message suspicious if you do not know the person the message is from. Be aware, though, that phishers often use compromised accounts to send their messages, and they can also forge the sending address. If you feel at all unsure, call the person and ask if they shared a document or link with you.
  • Can you tell what the document is? Is it clear to you from the document title and message what the document is and why the sender is sharing it with you? Phishers often send vague messages that just say a document has been shared with you. They rely on your curiosity. Do not open suspicious shared documents just to see what they are.
  • Beware of flattery. Customized emails that compliment research and ask you to look at a shared document or link related to it. If it looks suspicious, do not log in.
  • Be suspicious of emails offering deals that seem too good to be true. For example, remote work that pays exceptionally well for little time investment or offers of heavily discounted or even free technology hardware, tools and musical instruments. A favorite of the security team is the free baby grand Yamaha piano, which appears several times each year.

You can report suspicious emails by using the Report Phishing function within Microsoft Outlook. This will alert the security team who will take the appropriate actions to remediate the incident, which may include deleting the email from all inboxes, locking accounts if sent from a Syracuse account and blocking the sender. Additionally, for the latest list of phishing emails that have recently circulated throughout the Syracuse University community, visit the ITS Phish Bowl.

  • Author

Christine Grabowski

  • Recent
  • Ian ’90 and Noah Eagle ’19 Share a Love of Sportscasting and Storytelling (Podcast)
    Thursday, June 5, 2025, By John Boccacino
  • Rock Record Illuminates Oxygen History
    Thursday, June 5, 2025, By Dan Bernardi
  • What Can Ancient Climate Tell Us About Modern Droughts?
    Thursday, June 5, 2025, By News Staff
  • Blackstone LaunchPad Founders Circle Welcomes New Members
    Thursday, June 5, 2025, By Cristina Hatem
  • Syracuse Stage Concludes 2024-25 Season With ‘The National Pastime’
    Wednesday, June 4, 2025, By Joanna Penalva

More In Campus & Community

Blackstone LaunchPad Founders Circle Welcomes New Members

Syracuse University Libraries’ Blackstone LaunchPad welcomed 34 graduates of the Class of 2025 as new members of the Founders Circle. They were selected in recognition of launching or leading ventures at the University while students, as well as contributing to…

Neal Powless Inducted Into American Indian Athletic Hall of Fame

You could say that lacrosse is in Neal Powless’s blood. Powless G’08, the University ombuds, is a member of the Onondaga Nation Eel Clan. He is the son, grandson and brother of legendary lacrosse players. Powless picked up a lacrosse…

The Milton Legacy: Romance, Success and Giving Back

Growing up, Stacey Milton Leal ’75 and Chris Milton heard countless stories about how Syracuse University brought their parents together in what would turn out to be a fairy tale romance with a happy forever ending. So it was no…

Syracuse University Libraries’ Information Literacy Scholars Produce Information Literacy Collab Journal

Earlier this month, Syracuse University Libraries’ Information Literacy Scholars published their first open access information literacy journal, Information Literacy Collab (ILC). It is available on SURFACE, the University’s open access institutional repository. ILC is a diamond open-access publication by and…

Trip to Atlanta Gives Falk Students ‘Real-World’ Opportunities and Connections

The city of Atlanta is home to professional sports franchises in major leagues: Atlanta United FC (Major League Soccer), the Braves (Major League Baseball), Dream (WNBA), Falcons (NFL), and Hawks (NBA). Atlanta also features professional teams in lacrosse, rugby, and…

Subscribe to SU Today

If you need help with your subscription, contact sunews@syr.edu.

Connect With Us

  • X
  • Facebook
  • Instagram
  • Youtube
  • LinkedIn
Social Media Directory

For the Media

Find an Expert Follow @SyracuseUNews
  • Facebook
  • Instagram
  • Youtube
  • LinkedIn
  • @SyracuseU
  • @SyracuseUNews
  • Social Media Directory
  • Accessibility
  • Privacy
  • Campus Status
  • Syracuse.edu
© 2025 Syracuse University News. All Rights Reserved.