Preventing Phishing Attempts
- Social Media is the main way a phisher obtains information about you and tailors their e-mails to your interests. Limit the personal information you provide in your posts (school, location, full name, etc.), even if you're on private; not everyone who follows you is trustworthy.
- Use unique passwords: A single password used on all of your sites is a hackers best friend. A password can be stolen from a website with lax security and then be used to hack into your accounts. Unique passwords limit the damage to one site. Use a password manager to help you remember or generate your unique passwords.
- Think carefully before clicking on a link or image. Phishing and other malware scams rely on our habit to click first, think later.
- Keep programs up-to-date: Most applications on all of your devices have automated update features. Turn them on.
- Turn off Flash or turn on Ad-blocker. Flash Player is popular with hackers. They exploit Flash by inserting malicious bits of code into ad networks used by well-known businesses.
Higher education continues to be targeted by fraudulent email messages and ransomware attempts. CSUN implemented a solution that checks incoming email from off-campus accounts that contain web links with fraudulent characteristics. If fraudulent characteristics are detected, and a user clicks on one of these links, the user is directed to a page indicating the website has been blocked. CSUN also implemented a solution that detects and prevents incoming phishing attacks from non-CSUN email addresses. This solution blocks approximately 60,000 fraudulent messages every month.
Despite taking preventive measures, phishing email attacks continue to be sent from compromised faculty and staff accounts. The best method to prevent these attacks is to never provide your CSUN user ID and password in response to an email request and to question the source of the email received.
Business E-mail Compromise Scams
FBI PSA: directed / produced by CSUN's Nate Thomas.