Tips for Information Security
With the increase in phishing attempts and fraudulent emails, ITS urges students, faculty, and staff to:
- CHANGE your password every 180 days.
- USE a password manager to manage your passwords. Learn more about password managers.
- SET up Multi-Factor Authentication (MFA) for all of your personal and business accounts, where it is offered. MFA is required for CCU accounts.
- DO NOT open any suspicious email attachments. Fraudulent emails may be related to payroll/HR scams targeting employees (e.g. public employee benefits), bank alerts, fictitious "work-from-home" scams targeting university students, IT helpdesk and email quota/upgrade scams, etc.
- DO NOT forward suspicious emails.
- CONTACT ITS or SCS if you receive suspicious email messages or links to websites.
- DO NOT share your username and password via email, phone or on suspicious websites.
- DO NOT click on suspicious web links. Roll your cursor over links embedded in an email and look for inconsistencies in URL addresses.
- LOG OUT of your accounts successfully from all public computers, including instructional podiums and computers in computer labs, in order to protect your identity and privacy.
- AVOID using your CCU credentials (username and password) with external accounts such as online banking or social media sites.
Fraudulent emails may be related to payroll or human resources concerns. For example, emails include a target to employees with public employee benefits schemes, fictitious "work-from-home" offers that target students, IT Helpdesk email quota warnings sent to any users, etc.
Please contact ITS at 843-349-5000 for assistance. Or send an email to ITS by copying the link – firstname.lastname@example.org – and pasting it into an email in the "To:" field.
Protect yourself: Always think before you click
Phishing/spam emails, links, and websites may appear real. When in doubt, do not click links and delete the email immediately. If necessary, check with ITS at 843-349-5000 to verify and/or report fraudulent emails.
Be vigilant for fraudulent emails, phishing attempts, and campaigns such as shipping notifications, ecards, and fake advertisements – that may contain malicious links or attachments infected with malware. These can be sent via email or text.
Be mindful on social media as well, as phony posts can also be linked to malicious activity. Phishing attempts continue to rise worldwide. Such messages may say that your email storage is full and your email will stop working unless you click on a link to verify your account, etc. These are not legitimate emails and should be deleted immediately.
Remember, CCU will never ask you to verify your account in these manners. If you receive suspicious email messages or links to websites through your CCU account, check with ITS or SCS immediately and delete the suspicious email permanently.
- First and foremost, change your password regularly – at least every 180 days. Reset your password now »
- Never use your CCU credentials (username and password) for any other website, such as for online shopping, banking, or social media.
- Be extremely wary of emails requesting information, such as asking for you to click to confirm your purchase. Instead of clicking, directly log in to the official website by typing the address yourself.
- Avoid opening unsolicited or embedded links in an email. Roll your cursor over the links and look for inconsistencies.
- Do not download suspicious attachments.
- Never reveal any personal or financial information in an email, and do not respond to email solicitations for this information.
- Do not forward suspicious emails to others.
- Check with ITS on additional measures to enhance your email security.
- Only shop from a trusted computer (not a public one).
- Do business only with reputable online vendors. Verify the URL begins with https: (instead of http:).
- Make sure your anti-virus software is up-to-date.
- Similar to a “phishing” scam – where computer users receive an authentic-looking email that appears to be from their bank, Internet Service Provider (ISP), favorite store, or other organization – “smishing” messages are sent to you via text message on your mobile phone.
- Do not click on any URL sent to you as a link in a text message.
Clicked on a link you shouldn’t have?
- Change your password immediately. Do not reuse a previous password.
- Contact the account-related organization immediately.
- If you receive suspicious email messages or links to the website through your CCU account, confirm with ITS immediately.
Various tips above are from the U.S. Department of Homeland Security.