Information Security Hub
Information Security is everyone’s responsibility. The RWU Information Technology Department wants to make sure our community has the tools, information, and resources we need in order to combat the growing cybersecurity threats we face. At the RWU Information Security Hub website, you’ll find useful content on how to protect your personal information, assets, and University data as well as important information on the latest security issues.
Six Things You Can Do To Keep Your Online Accounts Safe
- Protect your password
- Don't use the same password for multiple sites online.
- Never share your password. You should be the only one who knows it.
- Avoid including your name or common words. Your password should be difficult to guess.
- Use extra security features offered by the site, such as two-factor or two-step authentication.
- Make sure your email account(s) are secure.
- Log out of your accounts (i.e. Facebook, Gmail) when you use a computer you share with other people.
- Run anti-virus software on your computer.
- Think before you click or download anything.
RWU provides authorized employees the ability to utilize remote access to connect to RWU computing resources for which they have been granted approval. Click here to view the RWU remote access policy and to request access.
Tips for staying secure while working remotely:
- Assume that any network that you connect to while traveling cannot be trusted. This includes networks that require a password such as at a hotel or convention center. You do not know who set them up or who is connected to them.
- Do not use public computers to log in to accounts or access sensitive information. The computer may have a virus or malware on it either by accident or on purpose.
- Lock your mobile devices and/or laptop with a strong password or passcode. If it is lost or stolen, someone will not be able to access the information that is on it.
- Install or enable tracking software on your device. In the event that it is lost or stolen, you will be able to track where your device is and possibly even remotely wipe it if needed.
- Never leave your device or laptop in a car where they are easily seen. Criminals are more likely to break into a vehicle if they see items of value.
Below are resources to help maintain security for University data for staff and faculty who are working remotely.
What is phishing?
Phishing is an attack that uses email or a messaging service to trick you into taking an action such as clicking on a malicious link, opening an infected attachment, or responding to a scam. The message is crafted to look like it came from someone or something you know.
Unlike a generic phishing message, spear phishing emails are customized for the intended recipient. Individuals are more likely to fall victim to these attacks due to their personalized nature.
Common clues that a message is a phishing attack:
- The email appears to be from an RWU source but the subject field contains [EXT] when checking University email. This signifies that an email was sent from a source external to RWU.
- The email appears to com from a legitimate organization but the "From" address is from a personal email such as @gmail.com.
- The message comes from and official email but has a "Reply to" address going to a personal email.
- There is a sense of urgency or it requires "immediate action" before something bad happens.
- Something looks too good to be true.
- Contains a generic salutation such as "Dear Customer"
- The email requests sensitive information such as credit card numbers, passwords, or other information that a legitimate sender should already know.
What should I do if I receive a suspicious email?
- Do not click on any links or download any attachments.
- Contact the company or sender through other means (i.e. phone or through their website).
- Submit the email to MediaTech (firstname.lastname@example.org) for assistance.
- Forward the email to email@example.com.
What is SPAM?
SPAM is electronic junk mail. The term refers to email that is unsolicited, sent in bulk form, and unwanted.
What is phishing?
Phishing scams involve defrauding email recipients by acting as legitimate companies or organizations to obtain sensitive information (such as passwords or financial information).
What do SPAM and phishing emails look like?
Here are some examples received by RWU community members:
- Board Policy Professional Standards for All Roger Williams University Employees
- FW: Roger Williams University Communication Update
- Auto Default Password Reset
- "Elsevier: Materials Today Proceedings" Conference
- RE: ITS
- Webmail Upgrade
- Re: Account Re-Activation
- FW: Validation
- An Opportunity
- To All Faulty\Staff
- your job
- Roger Williams University 124
- Shoe Size Survey
- Property Sales Agreement
- From RWU Help Desk
- Help Desk
- IT Security-Change Your Password
- University Notice
- RE: School Calendar
- (RWU Staff Member's Name Here) has shared an important file with you
- You have received a new fax
- R.W.University HR!
- Your invoice 885754 is available for review!
- ....has shared a document on Google Docs with you
- Click here to view the bulletin sent by IT to the RWU community about this phishing email
- Roger Williams University
- Your Microsoft Email Account @rwu.edu Will Expire in 48 Hours
- Hi (YOUR NAME HERE)
What should I do if I receive a suspicious email?
- Do not click on any links or download any attachments.
- Contact the company or sender through other means (i.e. phone or through their website), not through the email.
- Call the MediaTech service desk at 401-254-6363 for help if needed.
- Forward the email to firstname.lastname@example.org. It may be added to this page to help the RWU community recognize fraudulent emails in future.
Where can I get more information?
The National Cyber Security Alliance site has additional information regarding SPAM and Phishing, along with other cybersecurity topics.
Here are some basic tips for recognizing email scams:
- When the email asks you to send personal or account info (like your user name and password, date of birth, social security number or financial information) by replying to the email. Roger Williams University and other legitimate companies or organizations will never ask you to provide this info via email.
- When the tone is personal, but it looks like a group email with a generic greeting (for example, "Dear Trusted Sir or Madam").
- When the subject or content refers to "you've exceeded your limit" or "click here to upgrade".
- When the sender's email address is from an overseas domain (for example: email@example.com).
- When the sender's email is from a general "email support team" or "administrator".
- When the sender's email address has a domain that's a string of seemingly random numbers or letters (for example @VNbM6fs).
- When the sender's name in the header doesn't match the sender's email address.
- When the offer seems too good to be true.
Everyone who uses any sort of computer or mobile device is a potential target to cyber attackers. They use automated tools to do all the work making it easy for them to target large numbers of people. The more people that they target the more success they will eventually have. Attackers have different motivations and hacking you helps them achieve their goal, be it to make money or use your computer to hack or harm others.
What can you do to protect yourself?
- If something is extremely urgent, odd, suspicious, or too good to be true, it is likely an attack.
- Make sure that your computers and devices are up-to-date and enable automatic updating.
- Use a strong, unique password or passphrase for each of your accounts.
- Protect your devices with a strong unique password, PIN, or other type of locking mechanism.
Clues that you may have been hacked:
- Your anti-virus alerted you that your system is infected. Open your anti-virus program to make sure that the alert was from it and not from a pop-up window trying to fool you into installing a program or calling a number.
- Friends ask you why you are spamming them with emails you know you did not send.
- Your password does not work even though you know it is correct.
- Your browser is taking you to websites that you did not want to go to.
I think I've been hacked, now what?
- Use a different computer or device to change your passwords, don't forget to change passwords to online accounts.
- Monitor your credit cards and financial accounts for any unusual activity.
- Follow the recommendations of your anti-virus program if it tells you that a file is infected.
- If you think that you are the victim of identity theft, visit identitytheft.gov.
Your home Wi-Fi network is what allows you to wirelessly connect your devices to the internet. This includes devices such as laptops, tablets, gaming consoles, and televisions. Securing your home network is a part of protecting your home.
Tips for securing your home network:
- Change the default password on you internet router. The default admin login information is often well known to criminals and may even be posted to the internet.
- Change the default name of your wireless network. Make sure that it is something unique and that it does not contain any personal information.
- Make sure that a password is required to connect to your network. The password should be different from the admin account password. Be sure to only allow people you trust to connect and use your wireless connection.
- Utilize a guest network if you are going to allow guests to connect to your network. A guest network allows access to the internet but does not allow them to connect to other devices on your home network. Again, make sure that a password is required to connect to the guest network.
- Speaking of passwords... make sure that all passwords / passphrases are strong and different from each other. Use a password manager program to keep track of your passwords / passphrases. Enable 2-factor authentication when available.
- Make sure that all the devices connected to you home network are secure by making sure that they are always running the latest version of their operating system or firmware. Enabling automatic updates when possible helps to ensure this.
Smart Home Devices
Smart home devices are the myriad of devices such as light bulbs, speakers, TVs, and door locks that connect to the internet. They bring a certain amount of convenience into the home but they also bring unique dangers. Many of the devices have little or no security built into them.
Tips for protecting devices:
- Only connect what you need. Don't connect devices that you don't need to be online.
- Keep devices up-to-date and enable automatic updating if able to do so.
- Change the default passwords if possible. Make sure to use strong, unique passwords / passphrases.
- If you are able to configure privacy options, limit the amount of information the device collects or shares. Consider disabling information sharing capabilities all together.
- Buy devices from companies you know and trust.
- If a device utilizes voice commands then it is constantly listening. Consider this when deciding where to place it.
- Consider putting your devices on a "Guest" network instead of your main wireless network. This keeps your main network safe if a smart home device becomes infected.
Sharing Data with 3rd Party Agencies
RWU is committed to protecting the personal information of the University community. In certain business practices, RWU benefits from sharing sensitive data with outside vendors. Payroll processing is one example. Although these partnerships are needed, they can lead to unauthorized data exposure. To help mitigate this risk, the University’s Written Information Security Program notes a safeguard measure (Safeguards, section 5) that evaluates a vendor’s security posture. This evaluation is summarized by a questionnaire that captures how our business partners will secure the data shared with them. A completed questionnaire is required for all 3rd party service contracts that share restricted university data. For more information on this process or obtain a copy of the questionnaire, please visit the following knowledge base.
Personalized scams are customized for the intended recipient. Attackers are able to easily obtain databases of people's names, passwords, or other details due to the vast number of websites that have already been hacked. Attackers can use this information to trick people into thinking that they have hacked into their system by crafting an email with some personal details about the victim. They then use fear and extortion to try to force the victim into paying them money. The key to remember is that in almost every situation your system was never hacked in the first place.
Clues to look for:
- Be suspicious if you receive a highly urgent email, message, or phone call. Attackers want to rush you into making a mistake.
- Payment is demanded in Bitcoin, gift cards, or other untraceable methods.
- If the email looks suspicious, search online to see if anyone has reported a similar attack.
Phone Call Attacks
Attackers use phone calls to try to trick people into doing what they want by creating situations that seem very urgent so that they rush into making a mistake. Common situations are: pretending to be from a government tax department saying you have unpaid taxes or pretending to be from Microsoft Tech Support and telling the victim that their computer is infected.
Things to keep in mind:
- Be suspicious anytime someone calls you and creates a sense of urgency.
- If you think that the call is an attack, hang up. Call the organization directly yourself to verify if the call was legitimate.
- Never trust Caller ID. Phone numbers can be spoofed to look like they come from legitimate organizations.
- Never allow a caller to take temporary control of your computer or trick you into downloading software.
- If a call is not from someone you know, let it go to voicemail. Let the caller leave a message and review calls on your own time.
Smishing / Messaging Attacks
In a smishing or messaging attack, the attacker uses SMS, texting, or messaging to reach out to their victim to try to trick them into taking an action that they should not take. These types of attacks feel more informal than email making it more likely that someone will fall for them.
Clues of an attack:
- Be suspicious of a message that creates a sense of urgency.
- The message sounds too good to be true.
- The message appears to come from someone you know but the wording does not seem like them.
- The message asks for sensitive information that they should already have access to.
Malware / Ransomware
Malware is software used to perform malicious actions such as spying on online activity, sealing passwords or files, or using your system to attack others. Malware can infect any device including Mac computers and smartphones to DVRs and security cameras.
Ransomware is a special type of malware that encrypts files making them inaccessible. Attackers then require that you pay them a ransom, usually in digital currency such as Bitcoin, before they will decrypt your files. Paying the ransom is not a guarantee though that you will be able to recover your files. The attackers may not provide a decryption method, something could go wrong with the decryption process, or they may infect your computer with additional malware.
Steps you can take to protect yourself:
- Keep your computer and devices up-to-date and enable automatic updating whenever possible.
- Install trusted anti-virus software.
- Only download and install programs and apps from trusted online stores.
- Be suspicious of messages that create a sense of urgency or seem too good to be true.
- Regularly back up your system and files wither to Cloud-based services or store your backups offline, such as on a disconnected hard drive.
RWU IT provides cybersecurity awareness training through the SANS Institute. To access this training, go to access.sans.org/go/RogerWilliams and use your RWU email username and password to sign in.
SANS also publishes a monthly newsletter highlighting different cybersecurity awareness topics that can be found here.
Avoiding Phishing Scams(Requires RWU username and password to view video)
Mobile devices have become an important part of daily life as not only a means to communicate with others but for may other uses such as online banking. The biggest threat to your mobile device is you. it is much more likely that you will lose or forget a mobile device than it is for it to be hacked.
Tips for securing your device:
- Enable the screen lock and require that a passcode or fingerprint is needed to unlock it.
- Enable automatic updating. Devices running the most recent version of their operating system and apps are harder to hack.
- Install or enable tracking abilities so that you can tract your device over the internet. This makes it possible to locate it and may allow you to remotely wipe all of your information off the device if needed.
- Only download apps from trusted sources such as the Apple App Store or Google Play. Apps from other sites are more likely to be infected. Delete apps that you no longer use of need.
When you are ready to dispose of or donate your device, you should securely wipe it which erases all the data on the device. The easiest method to to this to perform a factory reset on your device. Additionally, you should remove the SIM card and physically destroy it as it retains information about your account. If you have an employer issued device, check with your supervisor about proper disposal procedures.
Passwords / Passphrases
Strong passwords are essential to safeguard your personal information. Once a cybercriminal has your password, they may be able to access your bank account, read your email, or worse. Traditional passwords can be complex, hard to remember, and confusing. It is now recommended to use a passphrase instead. A passphrase is a series of random words (Green-Luck-Easily) or a sentence (Time for Coffee!) which are easier to remember but harder for attackers to hack. They are strong because they use capital letters and symbols. TO make them even stronger, letters can be replaced with symbols such as using the @ symbol in place of the letter 'a'.
Tips for using phassphrases:
- Use a different passphrase for each different device and account. Consider using a password manager program that securely stores your passphrases for you.
- Never share your passphrase with anyone. The only exception would be to share it with a trusted family member in case of an emergency.
- Do not use public computers to log in to accounts. The computer may have a virus or malware on it either by accident or on purpose.
- Use two-factor authentication whenever possible. This is where something like a passcode sent to your smartphone is needed in addition to your passphrase in order to log in to your account.
- Use a PIN, passphrase, or biometric (fingerprint) method to protect mobile devices.
- Close, delete, or disable accounts you no longer use.
2 Factor Authentication
RWU uses a high-security email login procedure known as 2-factor authentication in an effort to prevent password compromise and improve account security. With this procedure you will need to set up a phone to use to authenticate your account. The easiest and most flexible option is to use a cell phone, wich can provide authentication through a specific Authenticator app, through text message, or through a voice call. Alternately, you can set up a landline phone (office, home, or other) as a method of authentication. However, if a landline is used, you will need to be at that location when you are authenticating your account.
For more information on 2-factor authentication, click here.
For information on how to set up 2-factor authentication, click here.
Contact the MediaTech help desk at x6363 if you have any questions or need help setting up 2-factor authentication.