Technology
Phishing is a cybercrime using a tactic in which a hacker targets you by email and poses as someone you may know. Their goal is to get sensitive data such as your password, banking and credit card details, and any other personally identifiable information.
Spear Phishing is a refined version of phishing. The hacker changes their email display name to emulate someone you know, thus gaining your trust. These are personalized attacks that target a specific victim. If you reply to the hacker, they are fairly certain you fell for the trick and then begin giving you instructions to get more information from you.
We have seen an increase in these attempted attacks in recent months right here at SJC.
Things to look out for that should send up red flags:
Using Google apps on your phone, tablet or other device will give you an extra layer of security. Gmail will detect that the sender is not someone you may have contacted before and will issue a warning like this:
Other email programs like Outlook or Apple email will not give you these warnings.
Lastly, if you get a suspicious email and are not sure about it, forward it to the IT team at iteam@sjcme.edu. An IT technician will investigate to determine if it is legitimate or not.
A good password is one that makes it more difficult for a hacker to crack. SJC requires a complex password; one with letters, numbers, and special characters. That’s a good start, but there is more you can go. Here are some tips for a strong password.
Long password – Mathematically speaking, the difference between a weak password and a strong password is the number of characters available, and hence the number of possible combinations available to construct a password based on those characters.
Passwords should not be easy to guess. – As human beings we tend to follow the same patterns when selecting passwords – things like pet’s names, a favorite sport, or even the word ‘password.’ Not to mention a sequential list of number like 123456. Common passwords are extremely easy to guess, and should be avoided.
There is no denying; passwords are a pain. With so many accounts, both work related and personal, it’s nearly impossible to manage them all.
Browsers have their own built-in password management. You can have the browser remember the password for you.
There are also 3rd party applications that will manage passwords for you. Some of them are free up to a certain number of passwords. These are just a few of many available:
Don’t ever think you’re “not important enough” to be attacked. It doesn’t matter how small or big our organization is or how much important information you as an individual think you might have, if you’ve got money or data (passwords, client data, emails, etc.) you are an attractive target.
Stay Secure. Have good passwords.
Multi-Factor Authentication is sometimes called Two-Factor Authentication. It means that you use more than one piece of information to verify your identity when logging into a system. The first piece of information is usually your password. This would be considered the 1st factor.
During the login process, you will be prompted to interact in some way to verify the 2nd factor. The method used for the 2nd factor can vary. Here are some of the most widely used options:
Why is Multi-Factor Authentication so important? Because computer technology, specifically computer processing speeds, have increased exponentially. A computer with hacking software can produce more than 500 million passwords a second. Some sophisticated programs can crack a 14-character alphanumeric password in about 160 seconds. Hackers use something called a ‘brute force” attack. They use these hacking programs to fire thousands of passwords at a select target. With so many combinations attempted, odds are that some of them will get through.
Passwords just aren’t that secure anymore. Multi-Factor Authentication adds another level of security for your protection. You would be wise to use it when you can.
With more and more of our daily computing done on mobile devices, here are some steps you should take to ensure your data is safe.
They seem innocent enough… Quizzes on social media that have you answer questions like; “15 questions about my childhood” or “What Disney character are you?”. Your series of answers may give hackers insight to who you are, and allow them to decipher enough information to breach your private data.
Where do quizzes come from? Some social media quizzes do have legitimate uses and are used frequently by different companies to market their products. Other quiz sites are fan based and created by individuals. Quizzes can be created by anyone in just a few minutes.
Sometimes you see a single answer quiz such as “What is your favorite dogs name?” While your answer may not seem like much information for someone to use, it very well could be the gateway to your bank account. Think about some of the canned security questions that appear when you create a new account: “mother’s maiden name; street you grew up on; favorite dogs name”. The person who receives the responses of the quiz now has a bit of information that could be used against you.
Be wary of quizzes.