Mount Royal Employees Receiving Recorded Messages From “Google” – 12/11/17
Several employees on campus have been receiving calls ask them to verify their business on Google. The caller is a recorded voice or robo call. If you choose to press 1, you are connected to a person who tries to sell you a service. They are not from Google, but are using Google’s name to sound legitimate. Their service is a scam as verification of a business on Google is done through snail mail, and there is no charge for it.
If you receive a robo call, make note of the organization calling and hang up. You can then contact the organization directly and determine if they have a legitimate need to contact you. Robo calls are usually trying to sell you something or are scams.
Scammers don’t just use robo calls to con you out of your hard earned money. They will call you directly as well, creating a sense of urgency to trick you into signing up for an over priced service that you don’t need. If a person calls you and asks for payment of a service over the phone, ask for the name of the organization and tell them you will call them back. Google them and check reviews of their service. If you decide that you do want to sign up, contact the organization directly using the contact information found in the Google search. Do not be tricked into using a phone number that the caller gives you. If they are legitimate, you will be able to contact them using a publicly available number.
Attention Students – Devices disappearing across campus – 12/07/17
It is a scene that is played out across campus every semester, a student on a laptop studies diligently for exams. She runs out of battery power and looks for a plug in. She finds one just around the corner, plugs in and goes back for her books. When she returns 30 seconds later, the laptop is gone. In 30 sec she has lost all her study notes and all her papers for the term. The theft is reported to security but the laptop is long gone. If only she had thought to back up her papers and notes on iCloud, Onedrive, Dropbox or Google Drive. Then she would at least be able to study for her final. Now she has little to work with and exams are looming. Now she has to contact her professors, ask for extensions and hope that they will be granted. She was hoping to ace this term, now she just hopes to pass. This isn’t hypothetical. This is a real story that has been repeated over and over again.
This semester, don’t repeat the story. Treat your devices like cash. If you wouldn’t leave a 20$ bill somewhere, don’t leave your device there. It takes less than 30 seconds for a criminal to pocket your smartphone or walk off with your laptop. It takes less than 30 seconds to jeopardize a grade you have worked all term to achieve.
Passwords are NEVER to be shared – 12/06/17
I was shocked and extremely concerned to read about UK members of Parliament sharing passwords with their staff. How could high ranking members of a government, with a gateway into a network containing super sensitive data be so reckless? Surely no such thing occurs in other organizations? Surely here at Mount Royal University we are much more cautious with our passwords.
I was dismayed to discover that is not the case. Passwords are being shared between professors and graduate students, between managers and admins, between colleagues and between students . Why is this a problem? Just think for a minute of everything that you access with that login information. Do you really want to give someone else that much information about you? Do you really want someone else to be able to access EVERYTHING that you have access to? Your password is the keys to your kingdom. Don’t give it away.
IT Services is very aware that there are many instances where you need to give people access to your email, documents or an application. Fortunately, we have many tools at our disposal to do that without giving them access to everything else as well.
My favorite password sharing excuse is, “I can never remember my passwords, I need my admin to know them so she can remind me when I forget” . KeePass is a password manager that is easy to use and it will store your passwords for you. It is installed on every workstation and it requires you to remember only one password. Still challenged? There are many ways to create a password that is easy to remember but very effective. Contact the IT Security Training Analyst if you are still struggling.
If you are currently sharing your passwords or using someone else’s passwords; please stop, change your password and contact the IT Service Desk to discuss your needs. They will be happy to find a solution for you. Keep your data safe, keep your passwords a secret.
Watch out for PayPal “Failed Transaction” Emails – 12/05/17
With holiday shopping in full swing, cyber criminals have decided to roll out another PayPal phishing email campaign. This one notifies you that they were unable to verify your recent transaction. With shoppers stressed to the max, the criminals are hoping that you won’t notice a generic salutation is used or that the email doesn’t come from PayPal. Those who panic and click the Verify button/link are asked for their PayPal login credentials, all their personal information including their mother’s maiden name and their payment card information.
This is a reminder that an organization asking for information that they should already have is a big red flag that something isn’t right. Always visit an organization’s website directly when you receive an email from them that contains links or attachments. Any concerns with your account or transactions will be accessible from their official site. If you wish to contact the organization directly; use contact information found on their website, not in the email. Safe shopping!!