We are at an increased level of cyber risk to our W&L network credentials and institutional data due to moving from our campus protected environment to one that is individually managed to varying degrees based upon each employee’s attention to best practice security measures.
We have been tracking a strong upward trend in phishing attacks and emails with attachments containing malware. Many are targeted to capitalize on public fear of COVID-19 to entice clicking a link to a malicious site or downloading and opening malicious attachments. Others are spoofing meeting invitations from common tools in an attempt to steal your credentials from fake sites made to look like the actual vendor’s login page. (e.g., Zoom, Microsoft Teams).
What Can You Do?
Elevated Phishing Risk
Cyber criminals are taking advantage of the COVID-19 crisis by staging new attempts at messaging designed to get your attention. Bad actors are releasing notices associated with a variety of health “updates”. Be wary of any email that has content related to COVID-19 and exercise caution when choosing to click links in emails. ITS compiles a list of known phishing emails targeting our users here.
The W&L My Apps Page
Bookmark and use the single-sign-on W&L “My Apps” page when accessing University sponsored applications like Box, Outlook, O365 and more. In addition to increasing productivity within business operations and the teaching & learning environment, single-sign-on also enhances security by minimizing inadequate or forgotten passwords and thus reducing the number of pathways available for cyber-criminals to attack our network.
Use Duo Multi-Factor Authentication
Duo is a critical piece of our modern security architecture. You now have the option to begin using Duo right away, should you choose. To learn more about why we chose Duo and the steps you can take now to get set up, take a look at our recent post.
Manage Your Home Network
It’s a good idea to do a security health check for your home network. If you’re using a wireless router, be sure to have a strong Wifi password to keep those using your connection only to those you expect. Avoid using the default “administrator” password that came with your router to access settings. It’s also a very good idea to update the firmware in your wireless router. Here’s a great article on these steps and, of course, ask ITS if we can help explain anything.
