ɫ

Nov. 3, 2020

Six ways to keep your inbox safe

What you can do to prevent your information from getting into the hands of a cybercriminal

Author

Advancement Staff

Woman sitting in a dark room with two monitors, one blue, one with coding, and a laptop
Here are six things you can do to prevent your information from getting into the hands of a cybercri Photo by cottonbro from Pexels

There are more than 950 phishing emails targeting ɫ email addresses reported every month. So what can students, faculty and staff do to protect themselves and our institution? Here are six things you can do:

  1. Check the sender.Do you recognize the email address? Were you expecting an email from this person? If there is a linkinthe email, when you hover over it, does it look like a legitimate URL? Are there spelling errors? Try typing the URL into your browser instead of clicking on the link. If there are attachments in the email and youare not sure if they are malicious or not, give the person a calland confirm they sent you the email.
  1. Look for the“external” markingat the top of an email.It looks like this, but will be in red:[EXTERNAL].This will tell you if the sender is someone outside of the university.Sometimes cybercriminalsmock upan important individual’s email, likea facultydean, anduse it torequest thingslike gift cards or your information.Every year IT receives reports of individuals deceived in this manner —cybercriminals pose as their boss, professor, dean orothers.If theemail is marked “external” you will know it’s not from someone atUCalgary.If it’s not marked external, you should still look for the clues above —sometimes cybercriminals can gain access toaUCalgaryaccountand send out malicious emailsfrom their email address.
  1. Keep yourpersonal information personal.Neveremail or textpersonal or financial information. Check your bank, credit anddebit card statements regularly. Never share yourUCalgaryor personal passwords with anyone.
  1. Findawork-around.Received an email saying you need to update your password? Getting calls from someone claiming to be from the Canada Revenue Agency? Instead of responding directly, close the email or hangup and godirectlyto the website to update your password ortofind thenumber to call the agency back. It’s better to make a customer service agent wait to speak to you than to unknowingly provide yoursensitive information to a cybercriminal.
  1. Trust your gut.If it sounds too good to be true, it likely is.Don’t click on links or open anyattachments. Follow the steps below to report it.

  1. Report it. Once you’ve “caught” the phish, make sure to report it to help prevent others from falling victim to it. This helps protect everyone at the university. If you receive a suspicious email, include it as an attachment in a new email to reportphishing@ucalgary.ca and then delete the email, or report it using the tools in your email navigation bar.

If youreceive a suspicious email and youare still not surewhat to do, feel free to reach out to the team. They can provide you with guidance and further information over the phone. More information and resources are also available on the .

What is IT doing to prevent phishing?

There area number ofprograms in place to help prevent phishing at the ɫ:

  • Cybersecurity awareness program: Toeducate andpromotegood cyber hygiene among students, faculty and staff.
  • Spam blocking technology: More than 99 per centof spam or phishing emails are blocked before they hitUCalgaryinboxes. Unfortunately, even with the best spam blocking technology, somemalicious emails will get through, making the above security awareness program so important.
  • Report phishing email(reportphishing@ucalgary.ca): To collect and act on phishing emailsthe spam blocking technology does not catch. Oncea phish is reported, our IT security team reviews the information and worksto remove the emailfrom other inboxes.
  • Markingexternal emails as “external” to help identify when an email is coming from outside the university (see above).
  • Phishing exercise program: In addition to the awareness program, phishing exercises, or simulations, are also sent periodically to help educate faculty and staff about what to look for to identify phishing emails.
  • Detailed phishinginformationonthe , includinga .

Faculty and staff have an added layer of protection through multifactor authentication —or MFA. This is a second verification, like a code sent to your mobile, in addition to your password. Students are also encouraged to .

Cybersecurity is everyone’s responsibility. By working together, we can help increase cybersecurity at the ɫ.

Follow the UCalgary to keepup to date on IT outages and news.

Related content

Speaker

Are your digital devices listening to you?

Read more

Hands on keyboard with graphic elements overlaid

New degree prepares tech professionals for cybersecurity challenges of the future

Read more

practice digital civility

Promote and practice digital civility in an online world

Read more

Cyber hygiene

Cyber hygiene is critical if you want to catch the phish

Read more

Ryan Burns is working with The City of Calgary to pull together a policy document to inform policy-makers about the different approaches toward data dissemination. Photo courtesy Ryan Burns

Citizens can use data to improve their cities

Read more

Tags