Skip to main content
  • Home
  • About
  • Faculty Experts
  • For The Media
  • ’Cuse Conversations Podcast
  • Topics
    • Alumni
    • Events
    • Faculty
    • Students
    • All Topics
  • Contact
  • Submit
Campus & Community
  • All News
  • Arts & Culture
  • Business & Economy
  • Campus & Community
  • Health & Society
  • Media, Law & Policy
  • STEM
  • Veterans
  • University Statements
  • Syracuse University Impact
  • |
  • The Peel
  • Athletics
Sections
  • All News
  • Arts & Culture
  • Business & Economy
  • Campus & Community
  • Health & Society
  • Media, Law & Policy
  • STEM
  • Veterans
  • University Statements
  • Syracuse University Impact
  • |
  • The Peel
  • Athletics
  • Home
  • About
  • Faculty Experts
  • For The Media
  • ’Cuse Conversations Podcast
  • Topics
    • Alumni
    • Events
    • Faculty
    • Students
    • All Topics
  • Contact
  • Submit
Campus & Community

Navigating Cybersecurity: How to Be Your Own Human Firewall

Thursday, October 10, 2024, By Christine Grabowski
Share
Information Technology Services
Hands typing on a laptop keyboard

Photo by Marilyn Hesler

Andrew McClurg, with Information Technology Services (ITS), is often asked how people can stay safe online to protect against scams and hackers. He breaks it down to some basic points to remember.

“I always focus on four main things: passwords, multi-factor authentication (MFA), keeping software updated and knowing how to spot phishing emails and how to report them,” says McClurg, an IT analyst with the Information Security (InfoSec) team.

Person with glasses wearing a navy blazer and plaid shirt, smiling at the camera.

Andrew McClurg

SU News caught up with McClurg for a Q&A on the best tips during Cybersecurity Awareness Month. Established in 2004 by Congress and the White House, the initiative raises awareness about cybersecurity’s importance and ensures people have the resources to be safer and more secure online.

For the University, InfoSec team members do everything they can to keep your experience online as safe as possible. As part of securing users and their data, the University has firewalls in place; these are security systems that monitor and control network traffic to protect a computer or network from cyberattacks. The challenge, however, is that hackers are getting smarter than ever. To stay safe online, you need to be your own human firewall.

What does that look like exactly? McClurg explains.

What can we do to keep our passwords safe?

  • Make sure all your passwords are unique across your accounts.
  • Create complex passwords.
  • Use long memorable phrases or song lyrics with numbers and special characters.
  • Never share your passwords with others. ITS staff will never ask for or need your password to assist you.
  • Setup a password manager to keep track of and monitor your passwords. This will suggest strong passwords, alert you to passwords that have appeared in data leaks and flag passwords used across accounts.

Why should we enable MFA?

MFA adds an extra layer of security to your accounts by requiring a second form of verification, such as a code or login approval request sent to your mobile device or email, in addition to your password. MFA requests could also require a biometric component, such as a fingerprint or facial recognition. The University requires the Microsoft Authenticator. Something important to keep in mind is that you should never share your MFA codes with others and ITS staff will never ask for or need your MFA code to assist you.

Want to learn more about MFA? Visit our Answers page.

How do software updates play a role in keeping devices secure?

In addition to new features and general maintenance, software updates often include security patches that close vulnerabilities that bad actors might use to install malware, steal data or launch other types of attacks. It is recommended to keep your systems updated to strengthen your security posture. Often operating systems (e.g. Windows, macOS, Android, iOS) and some software offer automatic updates to make this process easier for the user.

What is a phishing email and what should I do if I receive one?

Phishing emails are a common tactic used by cybercriminals to steal sensitive information. You should be wary of unexpected emails, especially if they ask for personal information, create a sense of urgency or contain suspicious links/attachments.

If you receive a suspicious email, be sure to consider the following:

  • Does the URL look right?
    • On your smartphone or tablet, press the link and hold down until a dialog box appears containing the URL.
    • On your computer, hover over the link with your mouse. The URL will usually appear in the lower-left corner of your window.
  • Does the login screen look right? Do not enter your NetID and password unless you are certain it is safe.
  • Are you expecting the document or link? Be suspicious of unexpected emails sharing documents and links. If you are not sure, contact the sender (preferably via text message, phone or an alternative email address) and ask if they shared a document with you.
  • Do you know the person sharing it? Consider the message suspicious if you do not know the person the message is from. Be aware, though, that phishers often use compromised accounts to send their messages, and they can also forge the sending address. If you feel at all unsure, call the person and ask if they shared a document or link with you.
  • Can you tell what the document is? Is it clear to you from the document title and message what the document is and why the sender is sharing it with you? Phishers often send vague messages that just say a document has been shared with you. They rely on your curiosity. Do not open suspicious shared documents just to see what they are.
  • Beware of flattery. Customized emails that compliment research and ask you to look at a shared document or link related to it. If it looks suspicious, do not log in.
  • Be suspicious of emails offering deals that seem too good to be true. For example, remote work that pays exceptionally well for little time investment or offers of heavily discounted or even free technology hardware, tools and musical instruments. A favorite of the security team is the free baby grand Yamaha piano, which appears several times each year.

You can report suspicious emails by using the Report Phishing function within Microsoft Outlook. This will alert the security team who will take the appropriate actions to remediate the incident, which may include deleting the email from all inboxes, locking accounts if sent from a Syracuse account and blocking the sender. Additionally, for the latest list of phishing emails that have recently circulated throughout the Syracuse University community, visit the ITS Phish Bowl.

  • Author

Christine Grabowski

  • Recent
  • First-Year Law Student to First-Year Dean: Lau Combines Law and Business to Continue College of Law’s Upward Trajectory
    Thursday, June 26, 2025, By Robert Conrad
  • Student Innovations Shine at 2025 Invent@SU Presentations
    Thursday, June 26, 2025, By Alex Dunbar
  • Iran Escalation: Experts Available This Week
    Tuesday, June 24, 2025, By Vanessa Marquette
  • SCOTUS Win for Combat Veterans Backed by Syracuse Law Clinic
    Monday, June 23, 2025, By Vanessa Marquette
  • Syracuse Views Summer 2025
    Monday, June 23, 2025, By News Staff

More In Campus & Community

Retiring University Professor and Decorated Public Servant Sean O’Keefe G’78 Reflects on a Legacy of Service

For most of his time as a public servant, Sean O’Keefe G’78 adhered to a few guiding principles: Step up when someone calls upon you to serve. Be open to anything. Challenge yourself. Those values helped O’Keefe navigate a career…

Jorge Morales ’26 Named a 2025 Beinecke Scholar

Jorge Morales ’26, a double major in history and anthropology in the Maxwell School of Citizenship and Public Affairs with a minor in English and textual studies in the College of Arts and Sciences, has been awarded the highly competitive…

Registration Open for Esports Campus Takeover Hosted by University and Gen.G

Syracuse University and global esports and gaming organization Gen.G have opened general registration at campustakeover.gg for its first Campus Takeover Sept. 20-21. The two-day conference will bring students and administrators to Syracuse to highlight career opportunities within the esports industry…

2 Whitman Students Earn Prestigious AWESOME Scholarship

For the first time in the 12-year history of the program, both nominees from the Whitman School of Management have been selected as recipients of the 2025 AWESOME Excellence in Education Scholarship, a prestigious honor awarded to top-performing undergraduate women…

Whitman’s Johan Wiklund Named a Top Scholar Globally for Business Research Publications

The Whitman School of Management’s Distinguished Professor Johan Wiklund was recently listed as one of the most prolific business and economic research scholars globally, according to “What We Know About the Science of Science in Business and Economics? Insights From…

Subscribe to SU Today

If you need help with your subscription, contact sunews@syr.edu.

Connect With Us

  • X
  • Facebook
  • Instagram
  • Youtube
  • LinkedIn
Social Media Directory

For the Media

Find an Expert Follow @SyracuseUNews
  • Facebook
  • Instagram
  • Youtube
  • LinkedIn
  • @SyracuseU
  • @SyracuseUNews
  • Social Media Directory
  • Accessibility
  • Privacy
  • Campus Status
  • Syracuse.edu
© 2025 Syracuse University News. All Rights Reserved.