These days, phishing and other types of social engineering are by far the most prevalent, pervasive and effective forms of information security attacks, and few places online are more rife with opportunities for risk than where we communicate with one another. Learn how to stay safe when chatting, emailing, or using social networks.
Remember that whatever you put on the internet, stays on the internet
This includes photos, videos, posts on social networking sites, comments; anything and everything. Nothing is temporary, and rarely is anything truly anonymous.
Be aware that whatever you post on Facebook, Twitter, etc. will stay there forever, and is potentially available for viewing by the public at large, including people you may not want to see it, such as family, future employers, etc.
Always verify your privacy settings on your social networking sites to make sure you are not leaving unnecessary openings to your account. Be sure to visit the privacy settings pages for all social networking sites you belong to and adjust your settings accordingly. For example:
Be wary of attachments in emails, even from trusted senders
If you weren’t expecting an attachment, or if the email doesn’t call for one in a way that makes sense, don’t open it.
If you’re not sure about an attachment from a trusted sender, just ask them to clarify (by other means, if possible). Sometimes malware can send malicious emails from the accounts of people you know without their knowledge, so it’s always a good idea to double-check with the senders themselves if you’re not sure.
Never offer personal information across emails, regardless of the sender
If an email is asking for a password or other personal information, never give it; instead check with the sender if they are trusted or contact them by other means first for verification. Just because someone says they are “from IT” for example does not mean it is true.
Even reputable businesses such as PayPal or Bank of America can be targets for phishing scams, often with very convincing-looking emails complete with accurate logos and graphics. Use common sense and do not give information that you wouldn’t normally share. Whenever in doubt, always contact the supposed sender directly to verify.
If you suspect a phishing attempt or are unsure of whether a request for information is legitimate or appropriate, contact the Service Desk.
Never use your Stonehill email address to sign up for external websites or accounts, such as social networking sites like Instagram, Pinterest, LinkedIn, etc.
Always try to keep your Stonehill email separate from your personal life; use another personal email account like Yahoo or Gmail to sign up for external website accounts. Doing otherwise can potentially open your Stonehill email up to compromise by phishing attempts and junk mail, as well as complicating things when/if you leave the College and your Stonehill account is deleted.