Every year, October is National Cyber Security Awareness Month, sponsored by the National Cyber Security Alliance (www.staysafeonline.org). Throughout the month of October, the Office of Information Technology's Information Security staff ramps up their awareness and training efforts for the AU community at-large. There is something for everyone: training courses, posters, and general tips to protect yourself online.
Below are common topics that will be mentioned in our communications to campus, if you ever have any questions, contact the IT Help Desk at 202-885-2550 and firstname.lastname@example.org.
Support Cyber Security Awareness all year long by hanging posters around your office, building, or at home. Select any or all and send us your order (email@example.com subject: cyber posters). We will print copies and deliver them to you within 5 business days. Or print them yourself on 11 x 17 paper.
Phishing scams looking to exploit your trust continue to grow in sophistication. This year alone, AU customers have received several messages purporting to be from AU offices or well-known external companies with which you might regularly interact.
- They can look very real and always have a sense of urgency.
- Some of these messages ask users to login using their credentials.
- Often times, these messages include simple links, which when clicked can download malware on to your computer, which can be used to gain access to your personal information.
In the past, messages have been sent to the campus community purporting to be from AU departments like Human Resources and the Office of Information Technology (OIT). More sophisticated phishing emails have directed customers to an exact replica of the AU Portal Login page or other AU web service, which, when logged into, forwarded the customer's credentials to the attackers.
It is critically important to remain vigilant and make sure you validate the legitimacy of any request that asks you to log in or provide any personal information.
- Be vigilant!
- Contact the IT Help Desk immediately, if you are being asked for personal information, so we can confirm its legitimacy.
- Avoid clicking on links embedded in emails.
- Verify your personal information on the AU portal, including any financial information that you may have provided.
- Delete unexpected emails asking you to supply personal information.
- Be suspicious and change your password, if you suspect any malicious activity.
- Open your web browser and type in the web address yourself, if you believe it is legitimate, rather than clicking on a link embedded in an email.
- Phone the source to confirm its legitimacy.
- Routinely check your credit reports and bank statements.
- Remember that OIT will never ask you for your credentials or have you click a link in an email to log in.
AU will continue to assist individuals that are affected by phishing attacks, as well as work with authorities to prosecute the individuals associated with these crimes. If you believe you were victimized by any of the recent attacks, please contact Public Safety immediately. Please be extra careful.
Members of the community are encouraged to contact the IT Help Desk to schedule an IT security awareness presentation for their department or organization.
Did you know that American University has a policies page, where almost all of the University-wide policies are listed? Navigate to www.american.edu/policies to find American University's IT Security, Data Classification, and Computer Use and Copyright policies.
AU staff and faculty have access to a host of Cyber Security-related content through AsuccessfulU! To access it, log into ASuccessfulU, and choose Learning from the navigation drop down. Look for content with titles beginning with Reducing Your Digital Risk.
If you want to keep up to date with Cyber Security issues throughout the year, subscribe to the SANS "OUCH" newsletter! Navigate to www.securingthehuman.org/resources/newsletters/ouch/ and choose the Subscribe To OUCH Now! button.