Wake Forest University

Security Essentials

Security Essentials Service Information

Protect your data, account, and identity

There are many inherent risks in online computing, but with the appropriate security steps in place a user can greatly reduce their risk of infection, loss of data, and identity theft.

Be aware of common security risks

Phishing

Phishing scams are emails or other messages that appear to come from a known sender, but are actually sent by hackers or other dangerous entities. Phishing emails often ask a user to click on a fraudulent link, or request personal information such as a password or banking information.

If you are ever uncertain about an email, please forward it to infosec@wfu.edu for the Information Security Team to review. 

When confronting phishing, you are your best asset. Stop and think before you reply or click any links!

Some other tips to avoid phishing include the following:

  1. Be skeptical when a message asks you to click on a link, especially when you do not know the person. 
  2. Phishing emails often include a false sense of urgency, asking you to complete an action in order to avoid negative consequences. Be wary when a person or link asks you for sensitive information of any kind. 
  3. Phishers, using social media or other online information, can find the names and position titles of people you may know, and pretend to be them. They may even find information about you. Targeted attacks like this are called spear phishing. Always check the “From” and “Reply-To” field in an email to check for suspicious email addresses. 
  4. Before clicking on a link, always hover your mouse over the link, and a text box should pop up with the complete link address. If the link is directing you to a suspicious or unknown website, don’t click on the link! This is a common tactic phishers use to make you think you are going to one site, when in reality they are sending you to a different site that is potentially infected with malware or that would be used to collect your personal information. 

Ransomware

Ransomware encrypts the files on a user’s computer so no one can access them without paying a fee. Once a computer is infected with ransomware, a message is displayed about how you can access files by paying a ransom. Beware, there is no guarantee that paying a ransom will allow you to regain access to your files.

Ensure that your computer is up-to-date with the latest security patches to mitigate your risk. According to CSO Online, a ransomware attack costs an organization an average of $5 million.

If you suspect you have fallen victim to ransomware or other phishing scams, or are wondering if a message is legitimate, please contact the Service Desk immediately at (336) 758-4357 or help@wfu.edu.

Malware  

Malware includes viruses and spyware, along with any other malicious software intended to do harm on your computer. Your computer can become infected downloading an infected file or even using certain apps and games on social media platforms. Perhaps the most common way is by clicking on an infected link or attachment in an email. According to CSO Online, in 2018 92% of malware is estimated to have been delivered by email. 

WFU-issued Windows computers have CISCO AMP (Advanced Malware Protection) antivirus software. Bring-your-own-device users, including students, should install additional protection. Refer to this page and Software@WFU for more information on installing antivirus and antispyware protection.

Enhance your mobile device security

According to CSO Online, smaller screen sizes on phones compared to computers, and the more limited information that they can provide, lead to an increase in users falling for phishing attacks on mobile devices. This does include email on a mobile device, but also includes text messages and messaging apps, where 83% of mobile device attacks occur. 

One of the most important mobile cybersecurity areas to be aware of is what Wi-Fi your device accesses. You should never connect to unknown or unsecured Wi-Fi networks.

Keeping your apps and software up-to-date is an important step in reducing the likelihood of attacks. Consider turning on automatic updates. Also, delete apps you no longer use.

Be aware of Smising (SMS/text phishing) and Vishing (voice/phone call phishing), which are on the rise. If you get an unexpected call or a strange text, be cautious!

Backup your data

Ensuring that your data is backed up is critically important. Anything can happen to your computer at any time – hard drives fail, a laptop can be dropped, broken, or stolen, and data can become corrupted – ransomware can even encrypt your computer so you no longer have access to your files.

The only way to stay protected is to make sure your data resides in multiple places. Refer to our helpful page explaining the various ways you can back up your data. Common methods include using Google Drive and a USB drive. WFU faculty and staff now have access to CrashPlan, an automated cloud service that backs up your data to two different locations on-campus.

If you would like to request additional information or training on cybersecurity topics, please email infosec@wfu.edu

Does this page need an update? Please let us know: help@wfu.edu

Last updated: February 29, 2020