Category: Security Awareness

Setting Up Duo Two-Factor Authentication at SMU

Please Note:

These instructions are for new users only. For those re-enrolling a device, please call the IT Help Desk at 214.768.HELP (4357). More information is also available on the Duo 2FA page at smu.edu/duo.

Duo

The following steps are our recommendations for the initial setup of Duo’s Two-Factor Authentication (2FA) at SMU.

  1. Install the Duo Mobile app on a smartphone or tablet.
  2. Enroll your mobile device with Duo.
  3. Activate Duo Mobile for your Device.
  4. Add a second device, such as your office phone.
  5. Configure Duo to automatically send a Duo Push to your mobile device.

We will go through these steps to get you started with two-factor authentication with Duo. Continue reading Setting Up Duo Two-Factor Authentication at SMU

New Email Phishing Simulations Coming Soon

AnitPhish (Anti-Phishing Campaign)Phishing attempts are email messages sent by hackers pretending to be your friends, coworkers, or trusted companies. These emails try to lure you to reveal your personal information, such as your passwords, credit card numbers, or bank account numbers, with alarmist sounding messages. Some may even direct you to an official-looking website requesting such information. These websites may also be infected with computer viruses or other forms of malicious software. Phishing messages have potential to damage our IT infrastructure and expose sensitive University data.

Due to the increased volume of recent phishing attempts, SMU’s Information Security Team is launching another round of the phishing awareness program, AntiPhish. This program will send simulated phishing emails, analyze how SMU employees respond to these messages, and track the success of employees in recognizing and deleting phishing emails. For those falling victim to the phishing attempts, the Information Security Team will offer training tools to help employees learn how to avoid falling victim to phishing messages. The phishing simulations will take place at SMU in the coming weeks.

As a reminder, if you receive any email message that appears malicious or asks for confidential personal information, Information Security asks that you do the following:

  • Contact the IT Help Desk or your local IT Support group regarding the email.
  • Delete the email from your mailbox without clicking on any hyperlinks or attachments.

For valuable resources and other information, please visit the Information Security website at www.smu.edu/OIT/Infosec.

If you have questions about the upcoming phishing simulation or training tools, please contact the IT Help Desk at 214-768-4357 (HELP).

How to avoid the computer trap even TODAY’s Natalie Morales fell for

On Friday, our Chief Security Officer George Finney discussed the popularity of recent phone scams and how someone could hack you over the phone. While we focused on the cold-calling version of this scam, there is another popular one that masks itself as a warning pop-up notifying your that your system is infected. On this morning’s Today Show, Jeff Rossen showed how even national new anchor Natalie Morales can fall for one of these hacker tricks.

You can watch the full Rossen Report after the break.

Continue reading How to avoid the computer trap even TODAY’s Natalie Morales fell for

Phone Scam: Hacking Over The Phone

No Spoofed Phone CallsMembers of the SMU Community have reported a number of phone calls in the last several weeks attempting to gain access to your computer.  Usually, these callers will indicate that they have “noticed” that your computer has been infected with malware and will helpfully offer to fix it for you while on the phone.  The caller will direct you to a website and request that you download software to help fix your PC, but you will actually be downloading malware.  This will usually lock your computer and the person will require you to pay hundreds of dollars to unlock it. Continue reading Phone Scam: Hacking Over The Phone

VPN has a new address

VPNStarting today, OIT will begin phasing out securenet.smu.edu for vpn.smu.edu. This change coincides with the move of the VPN services to new hardware. When you log in to the new VPN for the first time, you will be prompted to install the updated Cisco AnyConnect software.

If you have any bookmarks or links using the old URL, we recommend updating them to the new address of vpn.smu.edu.

About VPN

Virtual Private Networking (VPN) provides a secure connection to the SMU network through an established DSL or cable modem connection with an outside Internet Service Provider (ISP). The VPN connection provides access to secure SMU network resources such as departmental drives and applications hosted on the campus intranet.

Using VPN

There are two methods for establishing the VPN connection: browser-based and client based. Users can link to vpn.smu.edu through their web browser and log in with their SMU ID and password. Only the traffic within that browser window will be routed through the VPN connection.

Cisco AnyConnectTo use the VPN client, download AnyConnect from vpn.smu.edu (log in with your SMU ID and password and click “AnyConnect” in the left navigation). Once a session is established, all traffic will be routed through the secure VPN connection.

Please contact the IT Help Desk at 214-768-HELP with any questions about using VPN.

 

IT Connect is published by the Office of Information Technology at Southern Methodist University.


Office of Information Technology
Copyright © Office of Information Technology, SMU
smu.edu/help  | 214.768.HELPhelp@smu.edu