Information Security and Phishing

TechNews, , ,

ID Badge IconNearly 20 million students in the US are expected to attend universities this fall. 

This is an exciting time for Simmons as our students, faculty, and staff return for the academic year. Unfortunately, the return to school provides ample opportunities for cybercriminals who wish to take advantage of people during these particularly busy times.

Phishing attacks are once again on the rise, accounting for more than 20% of data breaches in 2021[1]. It is estimated that one in every 99 messages (1.2%)[2] is malicious which equates to nearly 3.4 billion fake emails per day.

Luckily there are some healthy security practices that we all can take to reduce risk:

  • Beware of email messages claiming to be of an urgent nature.
  • Pay attention to the sender of the email message.
  • Look out for fake logos, signatures, or suspicious message contents.
  • Check those URLs; only visit official, reputable websites with encryption.
  • Think twice before clicking links or opening attachments.
  • Protect your passwords and use different passwords for your work, school, and personal accounts.
  • Keep your machine clean. 
  • Make sure that all of your devices, apps, browsers, and antivirus software are up-to-date.
  • Delete sensitive information if you no longer need it.
  • Back-up your files regularly. 

Be mindful of common scams targeting college students, including:

  • Emails that contain “important information about your Simmons account” or a “problem with your registration”
  • Tech Support scams where you get a call about a “problem with your computer”
  • Scholarship scams, textbook rental or book-buying scams.
  • IRS scams demanding money for a fake “federal student tax”
  • Tuition reimbursement or student debt cancellation scams
  • Messages asking for your login information, passwords, or other personal information
  • Fake friend requests, fake login pages, and fake DropBox or Google Docs share notices.

Thank you for your continued cooperation supporting your information security and online safety!  For more information about phishing and Internet scams, as well as ways to identify them, please visit our Phishing and Scams resource page

Please send any questions or concerns to Simmons Information Security Officer, Richard Phung, or the Technology Service Desk.  

[1] Verizon 2021 Data Breach Investigations Report (https://www.verizon.com/business/resources/reports/dbir/)

[2] Valimail Email Fraud Landscape Spring 2019 Report (https://valimail.docsend.com/view/qndhuhn)

Icon made by Pixel perfect from www.flaticon.com

Departing? Export Your Data

TechNews, , ,

Icon for Digital ContentsAmid completing finals, saying good-bye to friends, and preparing for what’s next, it is important for departing students to preserve their digital files that made-up their educational experiences. After leaving the University, Simmons accounts remain active for six months.  After that, stored data may be irrecoverable. We recommend making preparations to export and backup data now while there’s still plenty of time.

Exporting data for later use may seem like a daunting and stressful task, however, special utilities make this important job much easier.  Google Takeout is a free, easy-to-use product that automates the download of user data across Google’s services making it ready to be uploaded to a new account or preserved as a back-up.

How does it work?

  • Log into Google through your Simmons login.
  • Visit the Takeout website:  https://takeout.google.com
  • Choose the products and services you wish to back-up.
  • Follow the instructions to create an export.
    The files are collected into a ZIP and can be downloaded for safekeeping.

Some downloads may take a long time. Do not worry! Google will notify you via email after they finish packing things up and when downloads are available.  Please allow yourself some time to ensure that all of your data is securely backed-up.

What is included?

Most of your Google data can be exported, including but not limited to: Gmail, Google Apps, Google Calendar, Google Drive Files, Google Keep, and YouTube.

What is not included?

Google Drive files that you are not the owner or editor; and files where downloading and copying has been disabled. Although much of your data can be downloaded and backed-up, Google may place restrictions on what can be imported to a new account.

Where can I learn more?

Google’s Account Help Pages describe the basic procedures:

The Simmons Technology Service Desk is available to help.

Important Sharkpass/Duo Changes

TechNews, , ,

Icon of No PhoneSimmons uses SharkPass to provide an additional layer of security for our Simmons login. In recent years, SMS passcodes, Duo Mobile Passcodes, and Telephone voice call verification have become avenues for scammers to steal login credentials.

On July 11, 2022, Technology will disable the use of SMS passcodes, Duo Mobile passcodes, and telephone voice calls as authentication methods for SharkPass.  Users authenticating using their Simmons Account credentials after this date must use a Duo Push to their mobile device, or an approved security token.

The Duo Push is the preferred authentication method for Sharkpass/Duo as it offers an easy-to-use and seamless experience for the community in addition to increased security.

To avoid any potential service disruptions, be sure to enroll and begin to use your Duo Push-enabled smartphone or mobile device to be used with SharkPass. Instructions may be found at the SharkPass Information website.

What if I don’t have a cell phone or mobile device?

If you do not have a cell phone that is compatible with the Duo Push, you may be eligible for a free two-step verification hardware token. Please contact the Service Desk, at 617-521-2222.

These changes are a part of Simmons’ continual efforts to make our systems more secure.  Please be on the lookout for future communications describing improvements to this service.