ITS Blog

What you really need to know about Cyber Security and how you can fight back.

________________________________

UPDATED 4/06/2022

With phishing, cyber scams and frauds being rampant in the modern world, it is super important to be aware about cybersecurity. Moreover, with society being dependent on technology and the internet, security threats have become increasingly prevalent and ensnaring. 


Firstly, what exactly is cybersecurity?

Merriam-Webster defines cybersecurity as “measures taken to protect a computer or computer system (as on the Internet) against unauthorized access or attack”.


How can we stay cybersecure?

Study up on the simple tips and tricks to remain cybersecure.


Here are few techniques to ensure cybersecurity:

NEW PHISHING SCAM UPDATE!~

NEWLY DISCOVERED PHISHING METHOD NEARLY UNDETECTABLE

Criminals upgrade their tactics to offset cybersecurity protection to block their stealing attempts! A recently discovered method is EXTREMELY troublesome. Most people access their personal email via a web browser – so this latest attack method tries to trick you via your web mail in your browser. The phishing scheme uses a “browser in a browser” or BIB popup window so that the victim will enter their authentication user info. which might seem legit but it turns out to be a hacker's trick "skimming" window instead! FIND OUT MORE INFO. NOW.


Have you ever wondered about this very important security information but were too afraid to ask or just never took the time to learn?


What is the difference between HTTP and HTTPS?

HTTP has http:// in its URL, while a website that uses HTTPS has https://.


HTTP refers to Hypertext Transfer Protocol, and HTTPS is HTTP with a layer of security. 


Web Page with HTTPS:

Web page with HTTP:


Make sure your connection is secure:

A web page's URL with HTTPS has a small lock icon next to it, which annotates that this page is safe and SECURE.


An HTTPS website facilitates an additional level of security and guards against several threats, thereby making your online presence much less vulnerable. It is always suggested to use HTTPS websites over the HTTP sites to ensure your safety and online security. 


What is PII?

PII stands for “Personally Identifiable Information” which refers to any information that can be used by a cybercriminal to identify or locate an individual. Per the Privacy Act of 1974, PII is defined as “information that can be used to distinguish or trace an individual’s identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual.” 

It is important to identify, monitor and keep a track of your PII to stay cybersecure.


What is VPN and why should I use it?

VPN refers to a virtual private network; According to Avast, A VPN, or Virtual Private Network, routes all of your internet activity through a secure, encrypted connection, which prevents others from seeing what you're doing online and from where you're doing it. Basically a VPN provides an extra layer of security and privacy for all of your online activities. 

Information Technology Services consistently suggests using a VPN especially when using a public Wi-Fi connection.


What is a firewall and why should I use one?

CISCO says that “A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules”.


A firewall could be hardware or software or a mixture of both. Using a firewall establishes a barrier between secured and controlled internal networks that can be trusted and untrusted outside networks, such as the internet.

What is Multi-Factor Authentication?

Multi-Factor Authentication (MFA) is an extra layer of security requiring an individual to use two or more pieces of evidence (or factors) while logging in to a system. These usually include:


  • Something you know (Your Binghamton University username and password)

  • Something you have (A device like a phone, computer, keyfob, etc.)


Use Google 2-Step and 2FA to strengthen your security. ITS recommends using Multi-factor Authentication on all your accounts to better secure and protect your information.


Take control! Use a Password Manager:

Password managers are applications that help you keep a record of all your passwords. They also can generate completely random, cryptic passwords that you don't even need to remember. 

To enable better security, use complicated passwords – make them long and difficult to figure out. They should contain combinations of letters, numbers and special characters (or) use a password manager; that way you can easily and safely use a unique password for each account and not worry about coming up with your own ones.


Stay cyber secure by following the above mentioned tips, tools and techniques. Also, with the surge in phishing attacks and scams, it is important to interpret, avoid and report phishing incidents to stay cyber secure. 


Phishing Retaliation: Should you retaliate?


The answer is NO. While there are instances of scamming the actual scammers by interacting with them to divert them, it isn’t recommended to respond to someone that you believe may be trying to scam you. It’s best to report, move to spam and/or delete. While it might be amusing to read how others have retaliated and scammed the scammer, it’s not encouraged. Scammers are criminals and the outcome or consequences of interacting with them might not always be anticipated.


Avoidance is the best policy against phishing. Avoid and report phishing scams to stay secure. Think before you click on any links or before you open any attachments without knowing what it is. It could be anything that may be vulnerable. Get wise to phishing. Stay up to date on the latest info on phishing scams by reviewing the ITS Phishing page: https://binghamton.edu/its/phishing. Also, get more information about the most common scams and frauds. Don’t forget to check the redflags to be spotted so you know what to avoid, and how to easily spot a phishing scam.


Report any suspicious activity, phishing hoaxes or scams to security@binghamton.edu and CC: police@binghamton.edu.


For questions or assistance, please contact the ITS Help Desk at 607-777-420 or HelpDesk@binghamton.edu.