Information Systems Connection

Criminals continue to develop increasingly clever ways to trick computer users into exposing their personal/confidential information, submitting their username and/or password, unknowingly downloading malicious programs onto their computers or falling for a money fraud scam.  This is yet another reminder for users to exercise caution, be skeptical and when in doubt, “don’t do it” – whatever “it” is that just doesn’t seem right.

What are some “best practices” for using the Internet?

1. UPDATE SOFTWARE: Keep your computer operating system and anti-virus software up-to-date.  Info Systems does this automatically for EMU owned computers. If a notification appears saying that an update is ready to install, allow it to proceed.
2. STRONG PASSWORDS: Make sure your passwords are strong.  They should be eight or more characters that include numbers, letters and at least one capital letter. Longer is better. They should NOT be your birthday or phone number, a person’s name or a word that is in the dictionary.
3. KEEP PASSWORDS TO YOURSELF: Never, ever give your password to someone else. Period!
4. THINK BEFORE YOU LINK: Financial institutions will never send you a link to use to login to your account. Whenever you receive any link in an email, don’t click it unless you really know where the link is going and that you have a good reason to go there. Just because it looks like a link (i.e. http://www.something-yadda-yadda) doesn’t mean it is the link that is displayed.  Most email programs allow you to hover over a link to reveal the actual web address that might be hidden by it.  When in doubt, don’t click it.
5. JUST HIT DELETE: You are not obligated to open every email you receive.  If you receive a message from someone unexpectedly become skeptical quickly. If the content seems “odd” be quick to delete the message.  If you receive an odd message from someone you know, contact them to determine if it was a legitimate message.  If it was and you deleted it, they can send it again.
6. CHECK USING GOOGLE: If you receive an email message that seems odd but you are curious to know if it might be a scam and you feel like doing some checking, select a phrase that is in the message and put it into Google surrounded by double quotes.  If it is a scam there is a high probability someone has already posted it somewhere on the net.  Scams and variations on them circulate on the Internet for years.

Things to remember if you receive a scam email message.

1. HIT DELETE: Deleting is always a good thing – and it is not necessary to notify Info Systems about messages you delete, regardless how strange the message may be.
2. MOST SPAM/SCAM MESSAGES CAUGHT: Info Systems cannot stop all scam/spam email from getting to your mailbox but we use some very powerful processes that prevent more than 99% of it from getting to you.
3. DELETE AND FORGET: There is nothing Info Systems can do to “track down” where the scam message originated.  Delete the message and forget it.
4. FAKE PLEAS FOR CASH: All “desperate traveler, pleading for assistance” messages are scams.  Be assured that your friend, whose name appears in the FROM field, did NOT really send you that message.    You can also be pretty sure that your friend has already been informed by others that these messages have been sent.  JUST HIT DELETE and go on to your next email.

Oops! You realize that your email account was compromised or that you were tricked and submitted information “you shouldn’t have” or downloaded some “bad stuff”.  What should you do now?

1. CHANGE PASSWORD: If you submitted your password, change it immediately and if it was for your EMU email account, please inform the Helpdesk that you did the “no-no” (and that you changed your password).  Knowing that an EMU account has possibly been compromised is information that is useful to us.
2. DON’T CLICK: Beware of “fake anti-virus” or “fake update” notices.  If you receive a pop-up stating that “unusual activity has been seen on your computer” you can be absolutely certain that this is not true.  Do NOT click anything that invites you to do so.  Close any open programs, preferably by using keystrokes. In Windows Use CTRL-TAB to switch to the program to be closed then ALT-F4 should close the active window. In Macintosh use COMMAND-TAB to navigate in the switcher to the program icon to be closed then, while still in the switcher, hit Q to quit the program.
3. PULL THE PLUG: If you realize that malicious code is in the process of being downloaded, disconnecting  your computer from the network or doing a power-button shut-down quickly are emergency measures that could limit the damage of malicious software downloads.  Be sure to perform a complete disk scan using your anti-virus software before reconnecting to the network to identify any malicious files that could have been downloaded.