October is Cyber Security Awareness Month

October is Cyber Security Awareness Month The internet connects us with a vast amount of resources, knowledge and people. Yet along with those shared connections is a share responsibility to keep ourselves, our online community and our information safe. Let’s all do our part in keeping our computing resources secure and our digital information safe.

Week 1 - Phishing and Social Engineering

The word Phishing is used to describe an act of someone attempting to acquire sensitive information through devious means. The key of a phishing attempt is to deceive the user into giving up important information (e.g. social security number, bank number or passwords). This is usually accomplished through sending out a form of “lure”, such as an e-mail or even occasionally a direct phone call, which are disguised to look trustworthy and legitimate. They tend to have an urgent tone to them hoping to “bait” there victim into making a rash decision. You always need to be cautious when dealing with personal or financial information and take the following points into consideration.
Ways to identify a phishing scam:
  • It requires that something be done immediately, such as "within the next 24 hours"
  • It requests UNT information from a site that's not affiliated with a UNT institution
  • There is a suspicious request for sensitive information
  • Emails that want personal information are not addressed specifically to you
  • There are simple and recurring misspellings or grammatical errors
  • It contains monetary offers or incentives for complying with requests
  • URLs (links) in the message body do not match what is shown in the email address or footer
Things to keep in mind when dealing with a potential phishing scam:
  • Never click on a suspicious link as it could lead to a malicious site
  • If the e-mail is supposedly from a financial institution or government agency contact them through other means to confirm the e-mail's legitimacy
  • Never make personal or financial information publicly available
If you fear you have become a victim and your UNT account has been compromised you need to act immediately. Please refer to the following link describing the procedure in reporting such an incident:

http://security.unt.edu/incidentreporting

Take a moment and read this short excerpt from the Security Team’s website regarding Phishing scams:

“UNT system administrators and staff will never ask for your UNT password. Immediately change your password and discard the old one. The senders of the fake email are collecting valid credentials to use for access to UNT services, especially email through which spam can be sent. Report the incident to your supervisor and system administrator, so any additional containment or handling can be coordinated.”


Now sit back and relax while enjoying this fine video on how not to fall victim to Social Engineering.


If you have problems viewing this video in your browser, right click on the area above for options to access it.

More information can be found at http://security.unt.edu/resources/identitytheft.