Technology: Safe Computing Tips
Beware of Phishing
Phishing — attempting to trick people into providing confidential information (usernames, passwords, banking, or other account info) by masquerading as a trusted individual or organization in electronic communication. Protect yourself!
- Don't trust that the message was actually sent by the individual or organization listed in the From: address of the message. This can be easily 'spoofed,' and you may even receive messages supposedly from your own account.
- Beware if the message conveys a sense of urgency — that is usually a clue that a message is fraudulent. Messages that warn you that you must click a link and provide your information to prevent your account from being suspended should always be considered fraudulent.
- Never, ever provide personal information in response to any email message. (This includes your address, phone number, bank information, Social Security number or passwords.) Even if an email looks authentic, do not assume that it is.
- Do not trust links in a message that ask for personal information or urge you to Log In Now. Thos links could take you to a fraudulent web site designed to look just like the real thing. Contact your bank or account provider directly if asked to provide such information.
Other Ways to Protect Yourself and Your Computer
- Install security patches promptly, for your operating system, Web browsers, and email applications.
- Avoid email attachments unless you are expecting one. If you are not expecting an attachment delete it without opening it. (And don't send attachments without warning the recipients!)
- Delete spam messages—or any message with an offensive subject line—without opening it. Never reply to a spam message or click a link to request to be removed from the list—in almost all cases this will confirm your address as valid, and will guarantee that you will receive more spam. When you cannot tell if a message is spam or not, open it but delete it immediately if turns out to be an unwanted message. Never open an attachment included in a spam message.
- Install virus protection software. For Windows users, a good free alternative is Microsoft Security Essentials.
- Update your antivirus scanning software regularly. Most antivirus software can automatically link to the Internet and download updated virus definitions.
- Scan your system regularly. Either set your antivirus software to automatically scan the system or get in the habit of performing a scan on a regular basis.
- Stay informed. New virus and security alerts appear almost every day. You can keep up-to-date by checking websites such as C|Net’s Virus Center.
About Your Passwords
Selecting a password is a delicate balancing act between the need for security and your need to remember it! Here are some suggestions for selecting a password and keeping it secure.
Some Things to Avoid...
- Don't use personal information, such as birth dates, anniversaries, or the name of your pet or child.
- Don't use names from popular movies, titles, or phrases.
- Don't use words found in dictionaries or borrowed from other languages. (There are tools on the Internet that use dictionaries of common words and phrases which can be used to crack a password by brute force—using the speed of the computer to try hundreds of word combinations every second.)
Selecting a Strong Password
These are some suggestions to help you select passwords that are more secure:
- Use at least eight characters, including alphanumerics and symbols.
- You might add numbers inside or around words, such as 2symb0l8, or combine two words. For example, circus and clown7 could be combined as ccilrocwuns7 (alternating characters between the two words)
- Use different passwords for each account you want to protect. In that way, if someone discovers one of your passwords, they won't have access to all of your accounts.
- Change your passwords regularly. At a minimum, we suggest you change your password twice a year, like the batteries in your smoke detectors. When a new semester begins, change your password. Or when Daylight Savings Time starts or ends, change your password.
- Protect your password by not sharing it with anyone else. Never allow others to log in to your accounts. Treat your password as you do your wallet—don't share it, and don't let it out of your sight.
How Do You Remember All of These Passwords?
The most secure password is useless if you cannot remember it, or need to have it written down and taped to your monitor. So if your passwords cannot be simple words and you need to have different ones for each service, how do you manage all of them?
Most of us need to write them down. The key is not to put them in plain sight, and not to make them easily understandable for others. If you have a personal address book, perhaps you could add listings that would be easy for you to understand but not make much sense to others.
Don't store a written password anywhere near your computer, unless it can be locked in a drawer.
Information Technology Contact: 614.222.6174
March 21, 2011