Welcome to Cyber Security Awareness of the Month Club

SMU OIT 2019 Calendar CoverBy the time you are reading this, many of you on campus have received your 2019 Cyber Security Awareness Calendar.  In an effort to promote and remind the SMU community of their role in cybersecurity, the OIT Security Team has created an educational and fun calendar to hang proudly at your desk.  Continue reading Welcome to Cyber Security Awareness of the Month Club

SMU CSO George Finney Recognized as Security Thought Leader

George Finney - Selected as a 2018 Security Magazine Thought Leader

We are proud to announce that OIT’s own George Finney has been featured as one of Security Magazine’s Security 500 as a Thought Leader for 2018!

George has worn many hats during his long career at SMU, and he has made great strides in revolutionizing cybersecurity practices during his time as Chief Security Officer. From modernizing physical security to the creation of a security operations center, George and his team have shown how important cybersecurity is to the success of SMU as a whole.

In addition to his duties as CSO, George has also written a book on cybersecurity practices: No More Magic Wands: Transformative Cybersecurity Change for Everyone. The book details common cybersecurity issues in an informative, entertaining, and above-all actionable way.

Congratulations to George on his achievement!

Identify Online Shopping Scams

By Rajat Shetty During the holiday season, Cybercriminals’ potential victims are often caught up in the frenzy of shopping, finding the best deals, and acting quickly to take advantage of limited offers. Email and social networks are clogged with sales and offers, both legitimate and fraudulent. Sometimes haste causes shoppers to miss the warning signs of a fraudulent website.

Avoid Suspicious Websites

Make sure you cross check the contact info before submitting your payment details. In many cases, fake websites put up incorrect contact info like a wrong phone number or an incorrect address. A few other warning signs of suspicious websites are lots of broken links, grammatical mistakes, and spelling errors. If in doubt, don’t check out!

Verify the Web Address (or URL)

Before you type in any credit-card numbers at check out, check the Web address, or uniform resource locator (URL), of the payment page and make sure it’s using a secure connection. You should be seeing either the character string “https://” before the website URL, or a small icon of a green padlock. Also, make sure the URL address is correct, and not a slight misspelling of the real address or a random URL.

For example, check the snapshots below for the official website of Beats headphones. The first one is the original website, whereas the second website is a fraudulent one having the exact layout and font style as the original website. The difference is, when you pay through credit card or debit card on the 2nd website you are not going to receive any headphones (Not even a fake one!)

Original website

Fake website

Use Caution when Shopping by Phone

Although it can be convenient, use extra care when shopping with your smartphone. Phones are more susceptible to malwares as most do not have an anti-virus. Also, it’s highly unsafe to store your credit card or debit card information on your phone.  Only buy from trusted and familiar websites when you shop through your smartphone, and use a password protected internet connection. Never shop over unsecured public Wi-fi. Remember, it’s always better to check twice before clicking the ok button. People loose thousands of dollars in a haste to snag online deals. Protect yourself from becoming a victim to fraudulent websites by exercising caution before giving out your credit/debit card details.

Last Week of Information Security Awareness Month

Info-Sec-2013-web-slide

This is the last week of Information Security Awareness month. All training content is posted within Blackboard to simplify the process. It requires about 30 minutes to complete the course. However, you do not have to complete all the videos in one sitting.  Most of the videos are just a few minutes long. The training will remain available after the end of this month; however, we encourage you to take the training as soon as possible, especially if you use sensitive information like credit cards or social security numbers in your day to day activities.

To complete the training:

1. Visit https://courses.smu.edu.
2. Login with your SMU ID and password.
3. Locate the Security Awareness 2013 course in the My Courses section.
4. Click on the tutorial you wish to preview.  Blackboard will remember which ones you have completed and which still remain.
5. Complete the 3 question quiz at the end of each tutorial.

Later this fall, the training will be uploaded to your training transcript in Access.SMU.