April 2020, Data Privacy and Security

Information Security in a COVID World

ITS wanted to take a minute as we’re all adjusting to the waves of changes coming our way, and remind everyone that certain people around the world are trying to take advantage of the situation we find ourselves in and our innate desire to help others. Now is the right time to ensure we’re vigilant about protecting ourselves.

There are reports of people getting email and phone calls about fraudulent charities and even people walking door-to-door claiming to be the CDC doing research. There has been an international increase in the typical methods of phishing and impersonating other users as well as targeted cyberattacks on infrastructure. ITS continues to monitor these threats and asks for your help.

  • Double check your email. If you get a message that appears to be from a member of the Clark community, but doesn’t look like it really came from that person, be extra cautious (Clark faculty and staff should look for the [EXT] tag in the subject – this means the message originated from outside Clark’s mail environment). It’s worth thinking twice before taking any action, opening any attachments, or clicking any links. It’s best at this time to use your Clark email for business communications (as opposed to a personal email account). While email approvals aren’t legally binding for formal contracts, it adds an additional layer of verification that the email communication is authentic.

 

  • Watch for phone calls too. As we’ve evolved over the past weeks to a more mobile workforce, if you get a phone call claiming to be from someone at Clark asking you to do something that may seem odd (like buy gift cards), Caller ID is not a fool-proof way to validate who you’re talking to. Reach out to the person another way; send them an email to their Clark account or call them back on a number you already know for them. You may also get calls claiming to be from companies, like Microsoft or Apple, who have detected a problem with your computer and need you to do things on it. These are not legitimate calls and you should not take any action the caller suggests. If you have computing questions, you can reach out to the Help Desk at helpdesk@clarku.edu or 508-793-7745.

 

  • Think twice, click once (or never). Most malware infections require us to do something – open an attachment, click on a link, download a file. We have protections installed in your Clark email account to help remove most malicious attachments before they get to your inbox. Another great layer of protection is to make sure the attachment or link comes from someone you’re familiar with and you’d be expecting to get it from in the context of your conversation. As we grow the tools we use, these links could come in different ways. For example, as we use Zoom and Microsoft Teams more, users can post a link in the chat asking people to click on it. These may be malicious links, so be aware of clicking on links not only in email, but in other applications as well.

The compassion and thoughtfulness of our community is truly overwhelming and we hope these small tips will not only help to ensure the protection of our shared computer and information resources, but your personal information and resources too.

Finally, all of us in ITS would like to thank you for your focus on information security, as well as your patience and willingness to adapt to new processes and technology in this unprecedented time.