Bookmark and Share

Information Security Goes Phishing in September

 Information Security Goes Phishing in September

08/24/2010 

In September, the College will launch “Information Security…Everyone’s Responsibility,” a yearlong informational effort that will provide campus community members with valuable tips, things to do and avoid, and interactive exercises to help drive home the important messages about information security.

“Every day the campus faces thousands of potential information security threats through email, computer viruses, and how we handle confidential data,” explained Associate Provost for Information Resources Amy Berg.

"While Information Resources prevents many of these threats from reaching campus users, we can't stop all of them. Every student, faculty and staff member must be diligent to protect themselves and the confidential data they access and maintain. Therefore, over the next eight months, the Information Security Group will conduct an awareness campaign to educate users concerning security vulnerabilities and how to avoid them.”

Phishing and how to deal with it will be the monthly focus in September, when the campus will receive weekly e-mails, each offering perspective into identity theft. Informational posters will also be placed across campus.

In short, phishing is a cyber crime where well-designed and legitimate looking e-mails and pop-up messages lure victims into revealing their username, password, credit card number, Social Security Number, or other sensitive information.

The danger is that phishing messages look just like those e-mails a computer user receives from trusted places, e.g. banks, schools, and merchants. No one should respond to e-mail or pop-up messages that ask the user to confirm, validate or update his or her information by replying to the e-mail or by clicking on a link.

The Information Security…Everyone’s Responsibility organizers offer the following tips regarding phishing:

  • Never reply to any message or email that asks for your username, C#, password, account information, or anything else that would be considered sensitive.
  • Never click on a link in a message or pop up.
  • Never call phone numbers that are provided in messages that ask for personnel information.
  • Keep your anti-virus software and your firewall up to date. They help protect you from malicious software installations.
  • SUNY Cortland will never ask you to provide your username and password via an e-mail link! If you get a message like this, don’t be a PHISH! Don’t bite!

For more information on “Information Security…Everyone’s Responsibility,” visit the College’s Information Security website

The Information Security Group members organizing the events are: Carol Van Der Karr, associate provost for academic affairs; Colleen DeGouff, director, student accounts; Daniel Sidebottom, director, administrative computing; Donna Margine, registrar; Joshua Peluso, associate director administrative systems; Karen Gallagher, director, financial aid; Kathy Jensen, Database administrator, advancement information services; Nanette Pasquarello, director, judicial affairs; Peter Koryzno, director, public relations; and Amy Berg, associate provost for information resources.