Data Privacy and Security

Seems Phishy!

Email is a critical communication tool, and as a result, it’s important for all of us to be vigilant and able to spot phishing emails that attempt to compromise our personal and community information.

What is Phishing?

Phishing is the process in which malicious people try to trick you into giving out sensitive information or taking a potentially dangerous action, like clicking on a link or downloading an infected attachment. They do this using emails disguised as contacts or organizations you trust so that you react without thinking first. It’s a form of criminally fraudulent social engineering.

Phishing is one of the most common ways that attackers try to access our data and commit fraud. Phishers pose, usually via email, as someone you know and lure you into revealing sensitive personal information, downloading malicious software, or sending money or gift cards.

How can I spot Phishing?

While Clark’s advanced security will do much to prevent many phishing emails from reaching your inbox, it’s up to each of us to remain vigilant. Phishing emails can look like any other email. Some claim to offer free drinks from your favorite coffee shop, while others may pretend to be from a familiar department on campus.

Phishing emails often have the following characteristics:

  • They will often appear to come from a Clark email address, but instead will be ‘spoofed’. Spoofed email addresses look similar to real ones but are actually different, for example presidentsoffice.clarku.edu@gmail.com.
    • For Staff and Faculty: Look for the [EXT] label in the subject which indicates an email was sent from outside Clark. If you see an email that looks like it came from a member of the Clark community, but has the [EXT] label, be cautious.
  • Make requests for personal information (usernames, passwords, account numbers)
  • Alarming and urgent statements instructing you to act immediately
  • Slight alterations of well-known organization names (e.g. IT department, instead of ITS)
  • Awkward writing style, misspelled words, or poor grammar are common, but phishers are becoming more sophisticated and polished in their writing.
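
The sender cues in the list above can be written as checks on a message's From and Subject headers. This is an added example, not Clark ITS tooling: the function names, finding labels and sample messages are constructed, and `ORG_NAMES` is an assumed list of names an impersonator might put in the display name.

```python
from email import message_from_string
from email.utils import parseaddr

ORG_DOMAIN = "clarku.edu"  # domain named on the page
EXT_TAG = "[EXT]"          # subject label the page describes for outside mail
ORG_NAMES = ("clark",)     # assumption: names that suggest a Clark sender


def is_internal(domain, org_domain=ORG_DOMAIN):
    """True only for the org domain itself or a real subdomain of it."""
    return domain == org_domain or domain.endswith("." + org_domain)


def review_sender(raw_message, org_domain=ORG_DOMAIN):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_string(raw_message)
    display_name, address = parseaddr(msg.get("From", ""))
    subject = msg.get("Subject", "")
    address = address.lower()
    # The real domain is whatever follows the LAST '@', nothing before it.
    domain = address.rpartition("@")[2]
    external = not is_internal(domain, org_domain)
    findings = []

    # Lookalike address: the org domain appears somewhere in the address,
    # but the mail is actually from another domain.
    if external and org_domain in address:
        findings.append("org-domain-embedded")

    # Display name suggests the organization while the address is external.
    if external and any(n in display_name.lower() for n in ORG_NAMES):
        findings.append("display-name-claims-org")

    # The gateway marked the message as external, yet From shows the org
    # domain: the From header itself is likely forged.
    if EXT_TAG in subject and not external:
        findings.append("ext-tag-on-org-address")

    return findings


def make_message(from_header, subject):
    """Build a minimal constructed message for the samples below."""
    return f"From: {from_header}\nSubject: {subject}\n\nConstructed body.\n"


# Constructed sample messages (not real mail).
SAMPLES = {
    "lookalike": make_message(
        '"President\'s Office" <presidentsoffice.clarku.edu@gmail.com>',
        "[EXT] Urgent request"),
    "forged_from": make_message(
        "Clark ITS <helpdesk@clarku.edu>", "[EXT] Password expiry"),
    "internal": make_message(
        "Clark ITS <helpdesk@clarku.edu>", "Scheduled maintenance"),
    "display_name": make_message(
        "Clark University ITS <its-support@example.net>",
        "[EXT] Verify your account"),
    "suffix_trick": make_message(
        "Accounts Payable <accounts@clarku.edu.example.net>",
        "[EXT] Invoice attached"),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, review_sender(raw))
```

An empty result does not mean a message is safe; these checks only cover the sender cues, not the request-for-credentials or urgency cues in the rest of the list.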

What do I do if I suspect a message is a Phishing scam?

If you receive an email from someone that just feels out of place, then you should report it. It is always better to ask ITS to investigate the email (by using the Phishing Alert button – see below) than to open a malicious one that can spread malware, infect your device and even steal your information.

In a change to our previous advice, we ask that you no longer forward suspected phishing emails to anyone, including the Help Desk. Instead, please follow the instructions below to report the email in the most secure way.

Outlook on Windows or Mac

  • Click on the Phish Alert Report button in the top right of the email window.


Outlook Online

  • Click on the More Actions (three dots) button in the top right
  • Click on the Phish Alert V2 option

Outlook App on iOS or Android

  • Click on the More Actions (three dots) button in the email
  • Click on the Phish Alert button
    • Note that on Android you may need to scroll down to see this option as it’s below Delete

What does ITS do to help prevent phishing?

You are a critical step in helping to protect our shared computing resources. Security is best deployed in layers, so if one layer is breached, others can help protect those critical resources. In addition to the great work we do as a community by reporting and ignoring the requests in phishing emails, ITS has deployed tools and techniques to aid in your ability to detect a phishing message, and also prevent these messages from reaching your inbox. In February 2022, approximately 20% of all email sent to members of the Clark community were automatically kept from reaching your inbox. That’s almost 700,000 messages we didn’t have to delete! Some of these techniques are:

  • We partner with organizations like Microsoft, Palo Alto Networks, and REN-ISAC to help us identify attributes of messages that we know are malicious, and we send those messages right to your Junk Email folder. With Microsoft as our email provider we are part of a large global community, potentially learning about malicious content after it impacts other users, and before it impacts Clark.
  • If a message has a known malicious attachment, that attachment is replaced with a notice that an attachment was removed from the message before it is delivered to your Inbox.
  • When you click on a link in most email, in real-time the link is scanned to see if it is sending you to a known malicious website. If it is, then you are redirected to a warning page notifying you the link was malicious.
  • Faculty and staff may notice [EXT] appended to the subject of an email that originates from outside of Clark’s email system. If you see a message that looks like it may have come from a member of the Clark community, but it has the [EXT] tag in the subject, be suspicious, and maybe reach out to them in a new email (not a reply to that potentially fraudulent email) sent to their Clark account.
  • Clark uses technology like SPF and DKIM to help identify legitimate messages that do originate from outside our email system.

Hacking and the Holiday Season


With the holiday season upon us, hackers, scammers and online thieves are gearing up for creative ways to steal your information. As millions of online shoppers begin looking for the best deals, hackers are looking to take advantage of people by searching for weaknesses in their devices, internet connections and failure to update to current software versions.

There are several key ways to prevent leaving yourself open to hackers and giving your information to the wrong individuals:

  • Stop, Look, and Think before you click on unknown links! When in doubt about whether a message or email is real, visit the company’s website or verify the sender through another method.
  • Never install unapproved software or download attachments without verifying they are safe. Always ensure your computer is up-to-date with the latest approved security patches.
  • Don’t download any e-gift card or other links if you do not know the sender. Downloading links from unknown senders can lead to ransomware installs and encryption of data.
  • Secure your devices by keeping them close and using strong passwords.
  • Password managers are a great tool, and help to create and store strong passwords. They make it secure and easy to avoid using the same password for all websites and accounts, which is a bad practice. If one site is compromised, then the hackers will try the same password on many other sites. If the password is unique per site, then you only have one account to worry about instead of all your accounts!
  • Make sure not to leave any devices unattended or connect to any unknown Wi-Fi networks. When possible, always use MFA.
  • Be cautious of websites that are not well known and offer special deals or promotions if you sign up.

With these steps, you can minimize your risk of browsing online and have a happy and secure holiday season.

National Cybersecurity Awareness Month

National CyberSecurity Awareness Month (NCSAM) was started as a collaborative effort between the National CyberSecurity Division within the Department of Homeland Security (DHS) and the nonprofit National Cyber Security Alliance in 2003. The month of October raises awareness about the importance of cybersecurity.

As education, socializing, and many aspects of life increasingly rely on technology, it’s more important than ever to protect your digital identity and steer clear of cybercriminals. The theme of 2021 is for you to Do Your Part, #BeCyberSmart all year long.

What is Clark Doing during the Month of October for NCSAM?

Clark will be promoting safe online practices through a variety of activities and resources around campus. Look for new resources or activities each week to help encourage you to #BeCyberSmart. Some topics will include:

Fight the Phish

Phishing attacks and scams have increased during the COVID pandemic. We will stress the importance of staying aware of threatening emails, text messages or chat boxes that come from cybercriminals to gain your information or personal assets.

Explore. Experience. Share (Cybersecurity Career Awareness Week)

This will inspire and promote the exploration of cybersecurity careers. No matter if you are a student or a veteran seeking a career change, the dynamic field of Cybersecurity is rapidly growing and holds something for everyone!

Cybersecurity First

Here we will raise awareness of how businesses are working to integrate and build partnerships to incorporate security into their products and everyday processes. For individuals, it is about keeping Cybersecurity at the forefront of your mind as you connect daily, and understanding the privacy and default settings of your applications and devices. Cybersecurity should be a proactive mindset, not a reactive one.

Remember that if you have any questions or are curious about how you can Do Your Part and #BeCyberSmart all year long, feel free to ask the Clark ITS Team or visit one of the following links:

 

An Update on Multi-Factor Authentication

In the last month over 4000 Clarkies have set up and begun to use Multi-Factor Authentication, and ITS would like to say Thank You!

Multi-Factor Authentication will provide Clark and our individual community members a higher level of security for their personal and institutional data, and will make our efforts to reduce cyber-threats more effective and efficient.

Over the last few weeks while supporting students, staff and faculty with Multi-Factor Authentication, we got some great questions. We’ve added the answers to our Multi-Factor Authentication webpage but wanted to cover some of the most frequently asked here.

If you still have questions about Multi-Factor Authentication, or are having issues accessing your email, please reach out to the Help Desk for support at 508-793-7745 or helpdesk@clarku.edu.

How often will I have to use Multi-Factor Authentication to access my account?

You will need to authenticate the first time you use a new device (computer, laptop, phone, tablet, etc.), or browser to access protected systems.

After the initial authentication on a device, you may be asked to reauthenticate, usually after a number of weeks. ITS will calibrate the timing of reauthentication requests to best balance security needs and your convenience.

Do I need Multi-Factor Authentication for Moodle? VPN? CUWeb?

Currently, you will only be required to use Multi-Factor Authentication to access Clark email and Office 365. However, ITS is adding MFA security to important Clark applications over the coming semesters including Moodle, VPN, CUWeb and Banner. We’ll be sure to let everyone know when we add new systems to Multi-Factor Authentication.

My mail app isn’t displaying new mail after setting up Multi-Factor Authentication. What do I do?

If, after setting up Multi-Factor Authentication, you find that your email app isn’t displaying new emails, you may need to remove and re-add your Clark account to your app in order for it to sync correctly. Your phone manufacturer or app developer should have instructions on how to do so, or you can contact the Help Desk if you need further assistance. Using the Microsoft Outlook app on mobile devices helps provide a consistent experience between your devices.

How do I edit my factors?

You may need to do this if you buy or sell your smartphone, change your phone number, or just want to manage your factors. To see or edit your factors, you can visit the Multi-Factor Authentication webpage on the Clark website and choose “Edit my Factors” on the right.

What do I do if I lose my phone?

When using Multi-Factor Authentication, your smartphone becomes an important step in gaining access to your account. If you lose your device, please reach out to the Help Desk at 508 793 7745 or helpdesk@clarku.edu so we can verify your identity and get you back into your account as quickly as possible.

 

Firewalls: The First Line of Defense

As you may have read in the media and in your email inbox, cyber-attacks of all types are on the increase, and each of us needs to be more vigilant than ever before clicking on links in emails, or responding to unknown senders.

But you’re not alone in the fight against phishing, viruses and malicious links. ITS is working hard to minimize our users’ exposure to nefarious attempts at attacking the institution and our data. And that work starts with a strong Firewall.

A Firewall is, first and foremost, a wall! It provides a barrier between our internal network – including systems such as Banner, WordPress and Outlook – and the external internet. Our Firewall allows us to monitor traffic requests into the Clark network, and refuse traffic that is malicious and looking to compromise our users and our data. The easiest way to demonstrate how important the Firewall is to our security is to share some numbers.

Since the beginning of the semester our Firewall has blocked over 2 BILLION attempts to access our network from general malicious actors and over 70,000 specific attempts to spoof Clark University email addresses. Additionally, our partnership with Microsoft has blocked over 5 million additional spam emails, and 12 million instances of malware. The technology that we use leverages machine learning, so that it identifies trends in new threats, learns from our users’ behavior and becomes more effective every day.

Without this technology, it would be impossible to run our campus effectively or securely. It allows us to communicate with Clarkies and external partners and greatly minimizes the percentage of attacks that reach your inbox. From there, we rely on you. So, don’t forget to ‘think twice, click once’ and follow our guidelines (click here to read) to help prevent cyberattacks on our network and data.

Multi-Factor Authentication 

When users ask ITS about how best to protect their online data and identity, using Multi-Factor Authentication is one of our top tips. ITS is planning to use this security feature in the coming months to better protect Clark’s information. 

To help you get started, here is a short introduction to Multi-Factor Authentication.

What is Multi-Factor Authentication? 

Click below to watch a short (3 minute) video about Multi-Factor Authentication.

Screenshot of a video embed for MFA

Multi-Factor Authentication (MFA), sometimes referred to as Two-Step Login, Two-Factor Authentication, or 2FA, is a security enhancement that requires you to present two (or more) pieces of evidence of who you are when logging in to an account. This evidence should fall into two (or more) of these three categories: 

  • something you know: for example, a password or PIN
  • something you have: for example, an application on your phone or a bank card
  • something you are: for example, a fingerprint or retinal scan  

In fact, you probably already use Multi-Factor Authentication in some form. For example, you’ve used it if you’ve: 

  • swiped your bank card (something you have) at the ATM and then entered your PIN (something you know).
  • logged into a website, like Amazon, with a username and password (something you know) and were then sent a numeric code to your phone (something you have), which you entered to gain access to your account.

Multi-Factor Authentication helps to protect your personal data, identity and money. ITS recommends enabling Multi-Factor Authentication (or Two-Step Login) where available for any online services that you use regularly, such as Google/Gmail, Apple and others.

Multi-Factor Authentication and Clark 

Over the next two semesters, Clark University will begin to introduce Multi-Factor Authentication as a log-in option (and eventual requirement) for access to certain systems. This additional layer of security will help protect Clark’s computing resources, your personal data, and reduce the impact of phishing scams. 

Be on the lookout over the next few months for more information on this change and know that ITS will be here to help every step of the way. 

Gone Phishing

This article has been updated. Please click here for more up-to-date information.


Email has always been a critical communication tool, but even more so now that Clarkies are learning and working in many different modalities. As a result, it’s even more important now for all of us to be vigilant and able to spot Phishing emails that attempt to compromise our personal and community information.

Phishing is one of the most common ways that attackers try to access our data and commit fraud. Phishers pose, usually via email, as someone you know and lure you into revealing sensitive personal information, downloading malicious software, or sending money or gift cards.

How can you tell a Phishing Email?

Phishers are becoming more and more sophisticated and the days of requesting bank transfers to help deposed princes are long gone. However, there are some signs to help you spot a phishing attempt, and in combination with the security and tools that ITS has put in place, we can reduce the risk to Clark’s information.

One way you can prevent mistaking a phishing attempt for a legitimate request is to pause before responding and re-read the email. We know in these busy times, when we receive so many emails every week, that being quick and efficient is necessary. However, phishers rely on the element of urgency. Taking just an extra moment to review emails before responding can make a big difference.

So, what should you look for? Phishing emails often have the following characteristics:

  • They will often appear to come from a Clark email address, but instead will be ‘spoofed’. Spoofed email addresses look similar to real ones but are actually different, for example presidentsoffice.clarku.edu@gmail.com.
    • For Staff and Faculty: Look for the [EXT] label in the subject which indicates an email was sent from outside Clark. If you see an email that looks like it came from a member of the Clark community, but has the [EXT] label, be cautious.
  • Make requests for personal information (usernames, passwords, account numbers)
  • Alarming and urgent statements instructing you to act immediately
  • Slight alterations of well-known organization names (e.g. IT department, instead of ITS)
  • Awkward writing style, misspelled words, or poor grammar are common, but phishers are becoming more sophisticated and polished in their writing.

What should you do if you suspect an email?

  • If you receive an email from a colleague or senior member of your department asking you to act urgently, contact that person by other means for confirmation – a phone call, Teams chat, walk down the hall (when possible).
  • NEVER share your Clark username and password with anyone. Nobody at Clark, including members of ITS, will ever ask you directly for your password.
  • If you identify a suspected phishing attempt, use our Phish Alert Report button to alert ITS.

Outlook on Windows or Mac

    • Click on the Phish Alert Report button in the top right of the email window.


Outlook Online

    • Click on the More Actions (three dots) button in the top right
    • Click on the Phish Alert V2 option

Outlook App on iOS or Android

    • Click on the More Actions (three dots) button in the email
    • Click on the Phish Alert button
      • Note that on Android you may need to scroll down to see this option as it’s below Delete


If You Get Phished

If you believe that you have been the victim of a phishing scam, change your password immediately by logging into ClarkYOU and using the “Password Change Utility” located at the bottom of the left sidebar. Also, contact the Help Desk at helpdesk@clarku.edu or (508) 793-7745.

Information Security in a COVID World

ITS wanted to take a minute as we’re all adjusting to the waves of changes coming our way, and remind everyone that certain people around the world are trying to take advantage of the situation we find ourselves in and our innate desire to help others. Now is the right time to ensure we’re vigilant about protecting ourselves.

There are reports of people getting email and phone calls about fraudulent charities and even people walking door-to-door claiming to be the CDC doing research. There has been an international increase in the typical methods of phishing and impersonating other users as well as targeted cyberattacks on infrastructure. ITS continues to monitor these threats and asks for your help.

  • Double check your email. If you get a message that appears to be from a member of the Clark community, but doesn’t look like it really came from that person, be extra cautious (Clark faculty and staff should look for the [EXT] tag in the subject – this means the message originated from outside Clark’s mail environment). It’s worth thinking twice before taking any action, opening any attachments, or clicking any links. It’s best at this time to use your Clark email for business communications (as opposed to a personal email account). While email approvals aren’t legally binding for formal contracts, it adds an additional layer of verification that the email communication is authentic.

 

  • Watch for phone calls too. As we’ve evolved over the past weeks to a more mobile workforce, if you get a phone call claiming to be from someone at Clark asking you to do something that may seem odd (like buy gift cards), Caller ID is not a fool-proof way to validate who you’re talking to. Reach out to the person another way; send them an email to their Clark account or call them back on a number you already know for them. You may also get calls claiming to be from companies, like Microsoft or Apple, who have detected a problem with your computer and need you to do things on it. These are not legitimate calls and you should not take any action the caller suggests. If you have computing questions, you can reach out to the Help Desk at helpdesk@clarku.edu or 508-793-7745.

 

  • Think twice, click once (or never). Most malware infections require us to do something – open an attachment, click on a link, download a file. We have protections installed in your Clark email account to help remove most malicious attachments before they get to your inbox. Another great layer of protection is to make sure the attachment or link comes from someone you’re familiar with and you’d be expecting to get it from in the context of your conversation. As we grow the tools we use, these links could come in different ways. For example, as we use Zoom and Microsoft Teams more, users can post a link in the chat asking people to click on it. These may be malicious links, so be aware of clicking on links not only in email, but in other applications as well.

The compassion and thoughtfulness of our community is truly overwhelming and we hope these small tips will not only help to ensure the protection of our shared computer and information resources, but your personal information and resources too.

Finally, all of us in ITS would like to thank you for your focus on information security, as well as your patience and willingness to adapt to new processes and technology in this unprecedented time.

Countdown to Cybersecurity Month: Spyware


October is National Cybersecurity month, a time to raise awareness about the importance of Cybersecurity, and how to stay safe while online.

Clark’s ITS professionals take the campus’s cybersecurity very seriously. In fact, in a single 24-hour period in mid-September, our security systems blocked over 90,000 threats presented by spyware. Spyware is malicious software that will infiltrate your computer (and Clark’s system) and report back passwords, financial information and internet usage. It can also slow down your computer and spam you with ads.

While ITS systems are keeping threats from Spyware at bay, you can provide the best layer of defense when you take your online security seriously – both on and off campus. As a community member, your Clark computer is protected by ITS, but you also have free access to Sophos, an anti-virus product that also includes Spyware Protection. (Click here to learn more about Sophos.)

Click here to read a 5 minute article about spyware and other ways you can avoid the threats it presents.

Digital Spring Cleaning

It’s spring cleaning season, and just as it is a great time of year to clean up our physical stuff, it is also a great time to clean up our digital footprints. The National Cyber Security Alliance recommends that a great way to help yourself stay safe online is to take some time each spring to make sure your digital settings and files are secure. Some recommendations for digital spring cleaning are:

  • Review your online accounts, and delete any that you no longer use. Leaving unused online accounts open can make you more susceptible to cyber-attacks. Since you do not monitor the account regularly, you are less likely to notice when something is wrong.
  • Clean out old emails and files that you no longer need. Old files can often contain personal information. So, when you no longer need them you should throw them out and empty your trash.
  • Review the applications on your mobile devices and delete the ones you no longer use. Much like with old online accounts and files, old applications can contain personal data and should be deleted if they are no longer in use.
  • Check your web browser settings to make sure it is handling your data the way you want. Web browsers allow you to decide which information is saved and how your data is shared.
  • Back up your files to a portable hard drive or cloud storage service. Creating a routine for backing up your files can help to ensure that all of your data is recoverable if something were to happen to your computer or mobile device.
  • Update your passwords. It is important to regularly change the passwords that you use.

For more ideas about how to approach a digital spring cleaning, click here to view the flyer from the National Cyber Security Alliance.

If you would like to learn more about how to manage your privacy settings on popular systems and websites such as your web browser, social media accounts, and shopping accounts click here. These resources from StaySafeOnline.org provide information about what security and privacy settings are available on different websites, and instructions for how to manage those settings.