Observed every October, the annual Cyber Security Awareness Month is committed to encouraging personal accountability, securing behaviors, and maintaining digital privacy in the cybersecurity landscape. This initiative was created as a joint effort between government and industry providing resources to stay safe and secure online. 

This October we are focusing on four risky behaviors and will provide some tips on how to identify them and things you can do.


We start the month of October with Phishing how to recognize it and what to do.


Phishing - It Wasn't Me? 

Even when it is not October (or Halloween) bad guys try to get you to fall for their tricks. They may not be wearing a costume but they are pretending to be something they aren't. Sometimes they pretend to be your bank or even a member of Suffolk. Sending you a request through email, social media, or even text messages.


Check out this video with a twist on Shaggy's song "It wasn't me"  (Emirates NBD 2019)



The bad guys, scammers, use a variety of ever-changing stories to lure you in:

Promise free prizes, gift cards, or coupons
Promise to help you pay off your student loans
Send fake messages that say they have some information about your account or a transaction. 
Say they’ve noticed some suspicious activity on your account
Claim there’s a problem with your payment information
Send a fake invoice and tell you to contact them if you didn’t authorize the purchase
Send a fake package delivery notification

They may even be so bold as to ask you to give some personal information — like how much money you make, how much you owe, or your bank account, credit card, or Social Security number — to claim your gift or pursue the offer.

Some phishing attempts send links that may take you to a spoofed website that looks real but isn’t. If you log in, the scammers can then steal your username and password.

Some recent examples have been seen here at the University. 

A phishing message that appears to be from someone you know (email or text): "I am on vacation and need your help", "I am out of the office and need your help"

Then they follow up by saying it is urgent:  "Are you available?", "Text/Call this number", "Click this link". 

What comes next is a call to action: "Can you purchase gift cards, I will pay you back", "I will send you a check, you send me the difference and keep the rest", "log in to this site to restore your access"

This is when you will have to decide if you will just do what they ask or take a CLOSER LOOK. Will you give away your personal information? Will you purchase a gift card? What should you do... Pause and if it appears phishy it probably is. Just delete the message. If in doubt forward it to the Service Desk.  If it is someone from Suffolk or another business that you know and you think it is real. Use their official contact information to reach back to them. If the message came in through text, send them an email or pick up the phone and call their official number from their official website. 


Want to see if you can spot a phish?

Visit the google phishing quiz site.
https://phishingquiz.withgoogle.com/





Observed every October, the annual Cyber Security Awareness Month is committed to encouraging personal accountability, securing behaviors, and maintaining digital privacy in the cybersecurity landscape. This initiative was created as a joint effort between government and industry providing resources to stay safe and secure online.