麻豆传媒

Surfing the web can be scary.

One minute you鈥檙e checking the latest news and sharing what you ate on social media. The next you鈥檙e getting an email from a prince of a country you never heard of telling you that if you click a link, they will give you millions of dollars.

Across the world, untold numbers of fraudulent emails are sent daily, trying to get people to share their personal and financial information so criminals can steal it. This is called phishing, and Towson University emails accounts are not immune.

To help keep the TU community safe online, it looks to its cybersecurity professionals in the Office of Technology Services (OTS) and its Office of Information Security and Privacy.

Michael Kaiser, TU鈥檚 chief information security officer, says OTS responds to thousands of phishing alerts per week.

鈥淭hat doesn鈥檛 account for hundreds of thousands of attacks we get on our firewall a day that don鈥檛 make it to the TU community,鈥� Kaiser says. 鈥淲hen President Ginsberg started, the next week we started getting phishing emails from people pretending to be him.

鈥淭hese people watch what we put on our website. They can find out who our president is, who the CFO is and start drilling down and finding easy ways to get information.鈥�

When President Ginsberg started, the next week we started getting phishing emails from people pretending to be him. These people watch what we put on our website.

Michael Kaiser, TU's chief information security officer

How do you spot a phishing email?

OTS staff members work with the campus community by sending out practice phishing emails. While these are not dangerous, faculty and staff should still report them.

鈥淭he most important thing to do is step back and look at the email for a second,鈥� Kaiser says. 鈥淲e also routinely test the campus on their phishing awareness. I will say our phishing campaigns [are almost a perfect] match [to] real phishing emails the campus community will get.鈥�

One way TU helps with phishing is maintaining a Phish Tank, a website that highlights recent large-scale phishing attacks from around the world.

The two biggest giveaways of a phishing email are poor grammar and asking for personal information.

Other things to look for: an external email tag, a sense of urgency, plays on the recipient鈥檚 emotions and an outcome that is too good to be true.

Keeping TU safe around the web

OTS continues to find new ways to keep its data, and the data of the campus community, safe. This includes using Duo, a multifactor authentication service.

Faculty and staff must log into Duo to get into their Towson University accounts. Students can opt into the program now, but starting this February, they will be auto-enrolled.

One of the main precautions TU has implemented is monitoring information sharing networks that other 麻豆传媒 and colleges are part of. In fact, they are expanding that network.

OTS monitors threats to other higher education institutions and sees if TU has been under the same attacks to have the right protections in place to prevent them.

But when it comes to keeping TU safe, Kaiser says it comes down to the power of three.

• Report phishing. 鈥淧hishing is our No. 1 threat, and it鈥檚 super simple and inexpensive to do. These hackers send out millions of emails, and if they get one response, that鈥檚 good for them.鈥�
• Enable multifactor authentication. 鈥淛ust having a password these days, it's not nearly sufficient. So if you're logging into your bank website or your Apple website, and they enable multifactor authentication, take advantage of it.鈥�
• Update your software. 鈥淵ou know you have that little red dot when you're mobile that says you have a software update鈥�do it. Ninety-nine percent of the time that software update is going to be fine. It鈥檚 not going to break anything you鈥檙e doing, and it鈥檚 going to protect you from security vulnerabilities.鈥�

Tags: News You Can Use

More TU News