Safer Internet Day 2019 is here. This yearly observation is a call for all Internet users to help create a better Internet that provides a safe space for people of all ages to collaborate, learn, share, and grow. This year’s theme is “together for a better Internet.”
Part of keeping the Internet safe is protecting ourselves and our communities from Internet threats and scams. According to the Federal Trade Commission, in 2017 alone, $328 million was lost to Internet scams.
Keeping MSU networks and tech protected is a full-time job, and MSU IT has a few tips and resources to make sure we can all work together for a safer Internet.
One of the most common types of Internet scams are phishing emails. A phishing email appears to be from a trusted source (even though it’s sent by a scammer), and usually asks you to provide sensitive information and implies urgency.
Always be critical of any email you receive that contains a link, an attachment, or asks for personal information. Banks, government agencies, and MSU will not use email as the official channel to request those details.
There are often red flags in phishing emails that point to their inauthenticity, including:
- The email is sent from an unusual address.
- If the email says they are from MSU, but their email doesn’t contain “@msu.edu” but is instead a close variation (@mus.edu), you should be skeptical.
- The type of information they are requesting.
- If the email is marked as urgent, proceed with caution.
- If the request is as important as the sender indicates, a phone call would be a better option.
- Overall, do not give out any personal or sensitive information to any person, agency, or official unless you initiated contact via legitimate channels.
- Grammar and spelling mistakes throughout the email.
- In most official correspondences, these types of mistakes are not present and could be a hint that something is amiss.
- Things such as incomplete sentences, basic spelling errors and strange word order should give you pause.
Think critically and use common sense when reviewing suspected phishing emails and you will save yourself – and potentially others in the MSU community – from the fallout.
What Should I Do if I’ve Been Phished?
- Forward the suspected email to MSU IT Services at email@example.com indicating whether you clicked on links or opened attachments in the email.
- If you were phished, MSU IT Services will advise you about the best course of action to take.
- Immediately change your passwords if you were phished (for MSU, visit netid.msu.edu to do so).
- For further assistance, contact the MSU IT Service Desk at (517) 432-6200.
- Learn more about how to ensure your identity and accounts are not compromised any further by visiting the Federal Trade Commission Consumer Information regarding identity theft.
MSU IT Services works hard every day to safeguard the sensitive information MSU needs to serve students, faculty, and staff. As a regular user of MSU’s network, be it for class, work, or research, here are a few ways to keep your computer and devices safe:
- Be sure to perform regular operating system, software, and application updates. These updates often include patches for vulnerabilities that make exploitation more difficult.
- Install antivirus, antispyware, and antimalware software on your computer. Do regular scans of your computer and mobile devices to stay protected.
- Use two-factor authentication. For the accounts that are important to you, take an extra step and use two-factor authentication to keep your accounts out of the hands of malicious users.
- Think before you download. Only download apps and browser extensions from trustworthy sources. Otherwise, they could allow someone to take control of your device, steal your information, compromise your accounts, and even demand ransom money to release control of the devices and its contents back to you.
- Do not share accounts with friends. If your friend wants to use the same app or service you’re using, they should set up their own account with their own username and password.
Safer Internet Day is not the only day we should care about keeping our tech secure. To learn more about securing your tech, visit the Secure IT website and report any phishing attempts to firstname.lastname@example.org or other security incidents to email@example.com. Together we can create a safer Internet.