Connecting you to the latest training, service information and IT updates for SMU.
Author: George Finney
George Finney is the Chief Security Officer at Southern Methodist University. He is responsible for implementing and monitoring a diverse security infrastructure to protect the University network and data.
Eggo Waffles weren’t always called Eggo Waffles. In the 1950s, in the boom that followed World War II, Americans began a love affair with frozen foods. Frank Dorsa and his three brothers in San Jose California had been running a highly popular mayonnaise business and had expanded into powdered waffle mix, but demand for their mix had started to evaporate. The problem was that making waffles was a lot of work.
Frank was a bit of an inventor, so he created a giant waffle-making machine using a merry-go-round engine and a number of electric waffle irons. Thousands of waffles were frozen and shipped every day. But the name, the “Froffle,” was a flop. Instead, customers called the waffles as “Eggos,” referring back to the distinctive egg taste of the Dorsa brother’s mayonnaise. The name, like the waffles, stuck around.
The Kellog’s Company bought the Eggo waffles line in 1968, and four years later they introduced the slogan “L’Eggo My Eggo.” The marketing campaign would be one of the most successful of all time, continuously running for 36 years. The commercials depicted kids and parents in an escalating struggle to maintain possession of their precious frozen waffles. The message was clear: the waffles were so good, if you weren’t careful, someone might steal them from you.Continue reading Culture Eats Cybersecurity For Breakfast
It’s probably not the first time you’ve heard this. A private investigator, Sam Rambam was quoted as saying “Privacy is Dead – Get Over it” in 2006. In 2012, Huffing Post contributor Miles Feldman posed the question “Is Privacy Dead?” If it is, then our inheritance may have been in probate for years without us knowing it. The most recent major violation of privacy comes through a Facebook developer, Cambridge Analytica (discussed later in this newsletter), who collected data on millions of Americans without their consent to help political strategists win the 2016 US Presidential Election. But most likely this is only the tip of the iceberg. Continue reading Privacy Is Dead, Now Where’s My Inheritance
SMU is pleased to introduce a new employee benefit to help you safeguard your family’s personal devices from malware, ransomware, and other cyber-attacks. We have partnered with Cylance® to protect our corporate devices, and as part of our steadfast commitment to information security, we are now happy to offer employees exclusive access to the same caliber of anti-malware/antivirus protection for up to 10 of your family’s devices (Windows and macOS supported) through Cylance’s Employee Purchase Program. For less than the cost of a Grande Iced Coffee, you can protect your home computer for a month from malware and viruses. Continue reading CylancePROTECT now safeguards your home computers
On January 3rd, something remarkable happened: the New York Times, CNN, and Fox News all ran front-page stories about a computer security vulnerability. The vulnerabilities, called Meltdown and Spectre, aren’t like other recent virus outbreaks and that’s part of why they are getting so much attention. These issues represent flaws in the way computer processors have been designed for the last twenty years. Continue reading Critical Security Alert: Meltdown and Spectre Vulnerability
Most social networking sites have options for you to define your security or privacy settings. At times, they may be changed or upgraded in a way that affects how your personal information is made available on the internet. To be sure you are aware of what information is being shared and how it is important to review security setting periodically.
Phishing is a method of identity theft which requests confidential information such as usernames, account numbers, passwords, etc. by masquerading as a legitimate, trusted company. This term typically refers to attempts through email. However, this same type of attack can occur in person (social engineering) or over the phone (farming).
Phishing emails have become very sophisticated. It used to be that they were so poorly written that you could just rely on really bad grammar or spelling errors to determine their legitimacy. That is no longer the case. The emails can appear to come from trusted addresses and cleverly designed with graphics, disclaimers, etc. So how can you determine if an email is legitimate?
October is National Cyber Security Awareness Month (NCSAM). Technology plays such an integral role in our daily lives—everything from paying bills to controlling our TV lineup is managed online. The wealth of information stored online about each one of us is staggering. As part of Security Awareness Month will be looking at how to keep you safe and protected both online and at work.
Just take a moment to consider the various accounts you have and the services you use. These companies have information about your spending patterns, your entertainment patterns, and your various interests right at their fingertips. Although most of us enjoy the convenience of having all of this data stored and synchronized across multiple devices, there is a cost to having this data propagated everywhere. The protection of this information starts with you.
Throughout the month of October, OIT will send you weekly emails that will help you increase your knowledge and awareness about cybersecurity.
As part of Cyber Security Awareness Month, we will be hosting our first Security Showdown on the afternoon on October 21st. Go ahead and mark your calendars. The theme this year is “I work with Superheroes” and if you know of any cybersecurity superheroes, we want to know about them. We will have more information about this interactive event in the coming weeks.
Members of the SMU Community have reported a number of phone calls in the last several weeks attempting to gain access to your computer. Usually, these callers will indicate that they have “noticed” that your computer has been infected with malware and will helpfully offer to fix it for you while on the phone. The caller will direct you to a website and request that you download software to help fix your PC, but you will actually be downloading malware. This will usually lock your computer and the person will require you to pay hundreds of dollars to unlock it.
Don’t believe it when you get a phone call from somebody claiming your computer has been hacked.
Don’t believe it when the caller says he or she is from Microsoft or Dell, or from software security company McAfee or Norton, telling you they can remove the infection by remote control.
It’s a fraud, and if you do believe it, the scammers will take over your computer and blackmail you to pay a fee or have your hard drive deleted. And they are likely to infect your computer with real malware, opening you and the University to identity theft.
Usually, caller ID shows up as a “private caller,” but even when a callback number shows, it’s likely to lead to a non-working number, which is why the FTC has so much trouble shutting down these scammers. The below voice mail is an actual example of the voice mail that one such hacker left on an SMU Voicemail:
Transcript of audio:
Good morning my name is Jacob and I’m calling you from PC Solutions and this call is in regards to your computer.
The main reason behind this call is to make you aware about the online infections that have got inside your computer from the Internet recently. We have been receiving error notifications from the centralized server of Windows. That is the reason this awareness call has been initiated to you today. If you can be in front of your computer right now I can show you where the infections are hidden inside your system.
Is it possible for you to be in front of computer right now?
Please contact the IT Help Desk at 214-768-HELP with any questions concerning viruses, or malware, or call like the one described above.