Staying Cybersafe

By 2031, attacks on businesses, consumers, governments, and devices are expected to take place every two seconds. This year alone, cybercrime is predicted to inflict $9.5 trillion (USD) in damages globally. In fact, if it were measured as a country, cybercrime would account for the world’s third-largest economy, behind the United States and China.

Universities are often targets for cybercriminals because of the vast amounts of data they hold, making it crucial for students, faculty, and staff to be vigilant about their digital security.

October is Cybersecurity Awareness Month. Information Security and Compliance Analyst Thomas Vallario shares insight and practical tips to help students and employees safeguard their data.

Create Strong Passwords

• Aim for passwords that are at least 12 characters long (longer passwords are generally more secure).
• Use a combination of letters (upper and lower), numbers, and special characters in your password to make it more complex and harder to guess.
• Don’t use easily guessable information such as your name, birthdate, or common words. Instead, consider using a passphrase—a series of words that are meaningful to you but difficult for others to guess.
• Use different passwords for different accounts to minimize the impact of a potential breach. This way, if one password is compromised, your other accounts remain secure.
• Change your passwords regularly, at least every three to six months, to reduce the risk of your passwords being compromised over time.

Learn more about password safety.

Avoid Scams

A scammer may:

• Pretend to be from an agency or organization you know or are affiliated with in some way.
• Say there is a problem or promise a prize or some other financial incentive.
• Create a sense of urgency and pressure you to act immediately.
• Tell you to pay in a specific way.

Avoid falling prey by:

• Remaining calm. Don’t ignore the red flags and attempt to verify the identity through another means.
• Stopping contact with the scammer immediately by hanging up or ignoring their messages. Do not click on any links or attachments and do not respond to messages.
• Protect your money. Criminals will insist that you pay in a hard-to-trace manner, such as with a gift card, prepaid debit card, cryptocurrency, wire transfer, money transfer, or by mailing cash.
• Protecting your personal information. Be skeptical of a contact you did not initiate.

If you are scammed, notify the three major credit bureaus—Equifax, Experian, and TransUnion—to add a fraud alert to your credit report. Visit the Federal Trade Commission’s “What To Do if You Were Scammed” page for additional information if you paid a scammer or gave them personal information or access to your device.

Learn more about avoiding scams.

Don’t Overshare on Social Media

When you share personal information on social media, you expose yourself to the risk of identity theft and fraud. Cybercriminals can use the information you share, such as your full name, date of birth, and location, to impersonate you or launch targeted attacks. They can also use this information to craft convincing phishing messages that appear to come from trusted sources and make you more likely to click on malicious links or provide sensitive data.

Attackers also often exploit information gathered from social media accounts to manipulate their targets through social engineering. They can use the details you post to build trust, making it easier to deceive you into revealing sensitive information.

In addition, many social media platforms allow you to tag your location, which can be especially risky. Sharing your real-time location may put you at risk of physical harm or theft. Moreover, this information can be used to create detailed profiles of your habits and routines.

Learn more about protecting your data on social media.

Spot Deepfakes

Typically involving the manipulation of existing content, such as replacing a person’s face in a video with someone else’s or altering their speech in an audio recording, AI-generated deepfakes can appear genuine, making it easier to spread false information or sway opinions. These highly realistic and deceptive videos, audio recordings, or images can have serious consequences in the realms of politics, journalism, and even personal relationships by undermining credibility and trust.

Malicious actors can also use deepfakes to steal someone’s identity, superimposing their face onto explicit or incriminating content. In financial scams, cybercriminals may create deepfake videos or audio recordings to impersonate individuals, like company executives, potentially leading to fraudulent transactions.

Is it a deepfake?

• Pay close attention to any anomalies as they may reveal manipulation. Deepfakes often exhibit subtle visual inconsistencies, such as unusual blinking, distorted facial features, or mismatched lighting and shadows.
• Listen carefully to the voice in a video or audio recording. Deepfake-generated voices may have unnatural intonations or odd shifts in tone and pitch.
• Check the credibility of the platform or source sharing the content. Reliable sources are less likely to share deepfake content, so be skeptical of content from unknown or suspicious websites.
• If the content seems dubious, corroborate it with other sources or individuals. Fact-checking can help confirm or refute the authenticity of the material.
• Pay attention to your instincts. Take a closer look and investigate further if something doesn’t feel right or raises doubts.

Learn more about the dangers of deepfakes.