CSUN works hard to protect your data, by implementing various security controls such as Single Sign-On (SSO). SSO allows users to sign in to CSUN resources using one login ID and password. Keeping your password secure is important to ensure bad actors do not gain access to your account and the resources available to you.
To help keep you safe, here are some tips:
Password Reset
CSUN WILL NEVER ASK FOR YOUR PASSWORD via email or phone. CSUN’s password policy requires users to reset their password periodically. CSUN does send out notification alerts, informing users of expiring passwords. The CSUN Account Information page is set up to help users perform self-password resets.
Phishing
Phishing (pronounced “fishing”) is the act of a bad actor attempting to obtain an individual or group of individuals sensitive information (e.g., social security number, username & passwords, or payment information). Phishing attempts often use emails, text messages, or voice/phone calls to obtain sensitive information. There are many types of phishing attacks such as spear phishing which aims to attack an individual by using details of their life.
- Phishing Emails
- Verify the sender.
- Think Before You Click!
- Notify CSUN of Possible Phishing Emails:
- If you believe you have received a phishing email through your CSUN email, please forward it to abuse@csun.edu. CSUN uses these phishing emails to improve its cybersecurity defenses.
- Practice Safe Browsing.
- Use Antivirus.
- Stay Informed: https://www.csun.edu/it/csun-spam-prevention
- https://www.csun.edu/it/phishing-examples
Voice Phishing
Voice Phishing (also called vishing) is when a bad actor attempts to obtain your personal and sensitive information by misrepresenting themselves. Bad actors often impersonate legitimate sources such as financial institutions, real estate offices, or government services for financial gain. Bad actors may spoof Caller ID (masking number to represent legitimate source), to further support their attack.
To help keep you safe verify the sender or source:
If you receive a phone call and are unsure of the caller, ask to call the organization back using a number you have or from a trusted source. Especially if a payment transaction is being conducted, verify the destination.
Check email addresses closely, often attackers create a similar email, and website addresses which if quickly read may seem authentic. To check blue hyperlink address hover over links with your mouse to reveal address (an inspection of this address may show it to be a misdirect).
