Cybersecurity

OIT’s Cybersecurity department coordinates University information security initiatives, creates awareness for information security issues, and investigates information security incidents.

“Are you available ?” – Phishing Scam

iTunes gift card

This phishing scam is trying to get clicks in University emails. Some users have reported they received an email (which looks like it’s coming from a supervisor) that is trying to solicit a conversation/reply email.

Here is a sample of the message:

From: *REDACTED*
Subject: ARE YOU AVAILABLE
Date: December 05, 2018 at 9:37:12 AM MST
To: [Your email]

Are you available?

___________________________________________________________________________________

While this email is simple and doesn’t have any malicious attachments it is using social engineering to get a response email from an unsuspecting user, but the sender isn’t the correct email and most do not come from a boisestate.edu domain.

Once this type of scam has been interacted with, the scammer usually makes up an excuse about being in a meeting and wants the recipient to do an important favor as soon as possible. The favor the scammer wants is for the recipient to purchase iTunes gift cards, scratch off the pin numbers and send them back a picture of the cards and pin.

Tips to avoid becoming the victim of a scam

Always check the address of who the email is coming from. Many times scammers will use a similar name or try and add Boise State in the address to trick users. One important part is to look for what comes after the “@” symbol – this is the domain part. Domains listed with @yahoo.com, @aol.com, @gmail.com, @hotmail.com are not university emails and users should exercise cautions before responding to these emails.

If using a mobile device sometimes the full email address does not show automatically. You can check the address by clicking on the view details. This is usually located at the top of the email with the sender, recipient, and date information. All mobile devices and mail apps differ so it’s best to confirm with your manufacturer and/or application on the best way to view details.

If you are unsure about an email contact the Help Desk at (208) 426-4357, email at helpdesk@boisestate.edu, or chat online.

Shop Safe Online This Holiday Season

Santa handing a present through a laptop screen.

Let’s cut to the chase… we all love a good deal. And this holiday season is no exception. According to data via Statista and eMarketer, U.S. holiday online sales amounted to $106.1 billion dollars last year. This year, 2018, is poised to eclipse all holiday shopping online with a projected $123.4 billion dollars!

A recent survey from location data technology firm Blis found that 57.7% of shoppers said they plan to do the most of their holiday shopping online, and 37.3% said they will shop more online than they did last year. Also, Adobe Digital Insights 2017 records show a whopping 56% of shoppers will use their mobile devices to make purchases.

While this is good news for E-commerce stores, it also means that we need to be extra cautious when giving out our sensitive information online.

To help keep you safe this holiday season here are some cybersecurity tips to use for the Cyber Shopping FunDays.

  1. Be Aware While Using Public WiFi
    Do not conduct sensitive activities such as online shopping, using a public wireless network as they pose a major security alert. Free WiFi networks are a hacker’s paradise owing to lack of proactive security.
  2. Use Only Secure Websites
    Black Friday and its online equivalent Cyber Monday means more shoppers making purchases on the Internet. When shopping, only visit secured sites and look for the little icon of a padlock next to the webpage’s URL to indicate that the site is safe to use.
  3. Avoid Deals Too Good to Be True
    Although you may be shopping for deals, there are some discounts or promotions that might be a scam in disguise. If you get an email from an unknown sender advertising cheap or free electronics, travel tickets or other merchandise, be on the lookout for signs of a scam. Schemers may ask you for your personal information or credit card details to get the deal, but avoid clicking on any links that request this information.
  4. Use Unique Passwords
    Ensure that you use different passwords for different E-commerce websites and mobile apps. Make use of passwords that are complex and unique in nature.
  5. Use Multi-Factor Authentication When Possible
    Relying on more than a password to secure online accounts is so important because passwords are relatively easy to steal or compromise. Passwords can be vulnerable to eavesdroppers on cafe and airplane wifi, to tech company data breaches, and to phishing attacks. Add in a second factor, though, and an attacker needs more than just your password to access your accounts.
  6. Think Before You Click
    Use caution while clicking on any unknown links. Delete emails that seem suspicious or are from unknown sources. Scammers would make use of your email address to send shopping deals or discount coupons that look genuine in nature.
  7. Limit The Information You Post Online
    When you create a new account on any E-commerce app or website, ensure that you just provide your basic information required to get your account active. There is no need for you to answer security or privacy questions while making a purchase or checking out on the E-commerce app or website.
  8. Review Apps Before Downloading
    Always make it a point to download mobile apps from the official app stores or the official website of the E-commerce retailer. Be aware of what information or app permissions are being asked before you click on the download button. Avoid downloading apps from third-party play stores as threat actors make use of the festive season to create fraudulent apps that look as if they are associated with the real brand.
  9. Monitor Your Credit Card and Bank Statements
    Cybercriminals might take advantage of the fact that you may be too busy with shopping and visiting family this Black Friday to actively monitor your financial accounts. While you may be occupied, continue to look at your statements for any suspicious activity.
  10.  Use A Credit Card Instead Of Debit
    While you could choose cash to avoid having your information processed at POS systems, your next best bet is a credit card. Credit card companies often will not hold you liable for fraudulent purchases. In the event someone does get a hold of a card without permission, consumers are also liable for less money with a credit card than a debit card.

Security Awareness Tip of the Day

Major News Events
December 12, 2018

Major News Events

Securely Disposing Mobile Devices
December 11, 2018

Securely Disposing Mobile Devices

Trust Your Instincts
December 10, 2018

Trust Your Instincts

When Away
December 07, 2018

When Away

Back To Top