Anti-Phishing Campaign Expands to Student Accounts

AnitPhish (Anti-Phishing Campaign)After the success of our anti-phishing campaigns sent to faculty and staff, the OIT Security team will soon be expanding this program to the student body to continue to educate as many in the community as possible about what to look for in suspicious e-mails.

Phishing is one of the most common ways that criminals use to obtain your login credentials or other personal information to wreak havoc. By learning what to expect in these messages, you can get rid of them quickly instead of getting tricked! Students can expect these anti-phishing campaign messages to be sent out starting this week.

Continue reading Anti-Phishing Campaign Expands to Student Accounts

Winter 2019 Security Report Now Available

Winter 2019 Security Report Cover
Our Winter 2018 edition of the OIT Security Report is now available to the SMU community.  In this edition, we show how a new phishing scam is using supervisor’s email addresses to request gift cards, we cover a data breach that exposed the personal information of up to 383 million people, and Ms. Security returns to discuss how an app is being sued for misleading consumers about data collection.

To access the report, click the link below.

View Report

Authenticating to Box@SMU is required before viewing or downloading the report.
This report is confidential and not intended for distribution outside the University.

Welcome to Cyber Security Awareness of the Month Club

SMU OIT 2019 Calendar CoverBy the time you are reading this, many of you on campus have received your 2019 Cyber Security Awareness Calendar.  In an effort to promote and remind the SMU community of their role in cybersecurity, the OIT Security Team has created an educational and fun calendar to hang proudly at your desk.  Continue reading Welcome to Cyber Security Awareness of the Month Club

SMU CSO George Finney Recognized as Security Thought Leader

George Finney - Selected as a 2018 Security Magazine Thought Leader

We are proud to announce that OIT’s own George Finney has been featured as one of Security Magazine’s Security 500 as a Thought Leader for 2018!

George has worn many hats during his long career at SMU, and he has made great strides in revolutionizing cybersecurity practices during his time as Chief Security Officer. From modernizing physical security to the creation of a security operations center, George and his team have shown how important cybersecurity is to the success of SMU as a whole.

In addition to his duties as CSO, George has also written a book on cybersecurity practices: No More Magic Wands: Transformative Cybersecurity Change for Everyone. The book details common cybersecurity issues in an informative, entertaining, and above-all actionable way.

Congratulations to George on his achievement!

Identify Online Shopping Scams

By Rajat Shetty During the holiday season, Cybercriminals’ potential victims are often caught up in the frenzy of shopping, finding the best deals, and acting quickly to take advantage of limited offers. Email and social networks are clogged with sales and offers, both legitimate and fraudulent. Sometimes haste causes shoppers to miss the warning signs of a fraudulent website.

Avoid Suspicious Websites

Make sure you cross check the contact info before submitting your payment details. In many cases, fake websites put up incorrect contact info like a wrong phone number or an incorrect address. A few other warning signs of suspicious websites are lots of broken links, grammatical mistakes, and spelling errors. If in doubt, don’t check out!

Verify the Web Address (or URL)

Before you type in any credit-card numbers at check out, check the Web address, or uniform resource locator (URL), of the payment page and make sure it’s using a secure connection. You should be seeing either the character string “https://” before the website URL, or a small icon of a green padlock. Also, make sure the URL address is correct, and not a slight misspelling of the real address or a random URL.

For example, check the snapshots below for the official website of Beats headphones. The first one is the original website, whereas the second website is a fraudulent one having the exact layout and font style as the original website. The difference is, when you pay through credit card or debit card on the 2nd website you are not going to receive any headphones (Not even a fake one!)

Original website

Fake website

Use Caution when Shopping by Phone

Although it can be convenient, use extra care when shopping with your smartphone. Phones are more susceptible to malwares as most do not have an anti-virus. Also, it’s highly unsafe to store your credit card or debit card information on your phone.  Only buy from trusted and familiar websites when you shop through your smartphone, and use a password protected internet connection. Never shop over unsecured public Wi-fi. Remember, it’s always better to check twice before clicking the ok button. People loose thousands of dollars in a haste to snag online deals. Protect yourself from becoming a victim to fraudulent websites by exercising caution before giving out your credit/debit card details.