Internet Safety and Best Practices

Overview

You are the first line of defense in protecting Saga’s data. This is especially important considering we work with students whose information we need to keep safe. We will go over some best practices that you can use to prevent phishing attempts and malicious attacks.

Phishing

Phishing is when you receive an email from an imposter acting like a reputable source or someone you know. It is possible to make an email look like it is from a specific person or company when it really isn't. When this occurs and you are asked for personal information (phone number, address, passwords, credit cards, social security number, etc.), the imposter is looking to collect your information for nefarious purposes. This is known as phishing.

Here are some ways to spot phishing emails:

  1. Too Good To Be True - Lucrative offers and eye-catching or attention-grabbing statements are designed to attract people’s attention immediately. For instance, many claim you have won an iPhone, a lottery, or another lavish prize. Don't click on any suspicious emails. Remember that if it sounds too good to be true, it probably is!
  2. Sense of Urgency - A favorite tactic amongst cybercriminals is to ask you to act fast because of an urgency or time-limited offer. Some of them will even tell you that you have only a few minutes to respond. When you encounter these kinds of emails, it's best to ignore them. Sometimes, they will tell you your account will be suspended unless you update your personal details immediately. Other times, they will tell you that a warrant is out for your arrest and that you must act fast to avoid arrest. Most reliable organizations give ample time before they terminate an account. When in doubt, visit the source directly rather than clicking a link in an email.
  3. Payment via Gift Cards - Legitimate companies will not ask you to pay by purchasing a gift card and giving them the information. This is a favorite tactic for scammers to collect money since your bank will not be able to recover the funds.
  4. Hyperlinks - A link may not be all that it appears. It is possible for any text to link you to a different website. For example: www.amazon.com. Note that this link takes you to saga.org, not amazon.com! Hovering over a link shows you the actual URL where you will be directed; if the name of the URL seems fishy, don’t click on it. Watch out for URLs of well-known websites with a misspelling, for instance, www.bankofarnerica.com - where the 'm' is actually an 'r' and an 'n.’ Getting into the habit of hovering over links can save you from getting into unsafe territory. When in doubt, manually type in the URL instead of clicking on it, which will help you catch potential fraudulent URLs.
  5. Attachments - If you see an attachment in an email you weren't expecting or that doesn't make sense, don't open it! Attachments often contain payloads like ransomware or other viruses. The only file type that is always safe to click on is a .txt file.
  6. Unusual Sender/Subject - Whether it looks like it's from someone you know or not, if anything about the sender or subject line seems out of the ordinary, unexpected, out of character, or just suspicious in general, don't open it!
  7. Spam - Saga uses Google and Trend Micro to flag spam and potentially malicious emails. If an email is in your Spam folder or tagged with Risky (by Trend Micro) , it is likely for a good reason! Do not respond to these messages or click links without checking with Saga's IT team first.

Lastly, trust your gut. If something seems “fishy,” report it as spam and/or phishing. You can also reach out to the Saga IT team to get a second opinion on a suspicious email. Saga IT will also NEVER ask for your password, multi-factor authentication code, or payment information. Never share your password with anyone, even if they are your friend or family member.

Extensions

Extensions are one way for attackers to compromise your device. Make sure only to use safe, trusted extensions. If you are unsure if an extension is legitimate or safe, ask the Saga IT team to look at it. Use the official extension store for your browser, and do not download extensions from other sites. The official Chrome Web Store is: https://chromewebstore.google.com/

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us

Related Articles