Amy Baker, VP of Marketing, Wombat Security, gives her advice on keeping personal information safe when taking the leap to university.
The beginning of the new university term brings many changes for those taking their first steps into higher education: new places, new routines, new friends… and new cybersecurity risks. With more and more educational institutions relying heavily on mobile and online applications, it’s important to make cybersecurity more than just an extracurricular activity.
1. Be on the lookout for phishing messages
Cybercriminals use fraudulent emails, text messages and social media posts to trick users into downloading dangerous attachments, clicking malicious links and/or revealing sensitive information (like financial, personal, or business data). Side effects of errant clicks and downloads include ransomware and other malware infections, compromised accounts and identity theft.
Don’t think phishing can’t happen to you; even the most savvy computer users have trouble identifying these kinds of messages, which are becoming increasingly sophisticated. Fraudsters like to create a sense of urgency, using scare tactics, ‘amazing’ offers and other traps that will prompt you to click or download right away. Be particularly aware of emails and social media posts with deals that tie to popular apps — image filters, game cheat codes, or free Fortnite V-Bucks, for example — if it sounds too good to be true, it probably is.
The best bit of advice with regard to fighting phishing is also the simplest: stop and think. Before you interact with a message or post — particularly an unsolicited email or text — consider the ramifications of what could happen to your data and/or your device if it is a scam. You want to do all you can to avoid putting sensitive information into the hands of hackers and scam artists.
2. Know your device and your apps
It’s critical to remember that devices are not only connected, they are interconnected. Social media accounts like Facebook are often linked with websites and other apps. Google is a sign-in vehicle for many applications. As such, a compromise in one account could lead to compromises in other places. This is one reason that website and application safety are so critical.
Mobile devices are particularly vulnerable because they are so app-driven and new applications are appearing all the time. Do your homework on apps before downloading – this is an indisputable bottom line: not all apps are safe. Applications that are downloaded outside of mainstream channels are particularly dangerous, but there are hazards lurking in Google Play, iTunes, Amazon and other popular app stores. Before adding an application to your device, you should read reviews, search online and check permissions. If you add an unsafe app that has broad access permissions, your data could easily end up in the hands of cybercriminals.
3. Limit what you do on free Wi-Fi
Open-access or free Wi-Fi networks are very tempting because they allow certain mobile applications and services to run without impacting data plans. But using free Wi-Fi can be costly in other ways. It is very easy for a cybercriminal to ‘snoop’ on unsecured Wi-Fi hotspots and steal passwords and other data; some hackers even set up false networks to do just that. It’s always best to opt for a known, password-protected network. But if you must use free Wi-Fi, be sure the network is owned and operated by a reputable source such as your university itself, before connecting. In addition, avoid entering passwords, sending personal information and making purchases while on an unsecured connection.
4. Be selective about sharing on social media
Given that social media posts are designed for public consumption — and that many of us don’t have personal relationships with the people who follow and friend us on social channels — it’s clear that, in many cases, we’re not just sharing, we’re over-sharing.
It’s important to remember — especially for students — that the photos, observations and activities that are posted on social media can have an impact far beyond a circle of online friends and followers. Across the pond in the US, a recent Kaplan Test Prep survey found that 68% of colleges feel that applicants’ social media profiles are ‘fair game’ when it comes to the admissions process and 29% of admissions officers say they have used social media to make decisions about prospective students. The numbers only go up with prospective employers: CareerBuilder’s 2018 social media recruitment survey revealed that 70% of employers use social media to research job candidates and 57% said that what they’ve seen on social profiles has caused them to reject an applicant.
All social media users should assume that everything posted on social networks is public and permanent. Not only can this affect future employment prospects, but malicious cybercriminals can also use your personal information on social media to great effect when it comes to launching realistic and targeted attacks.
Remember, if you wouldn’t say it to or share it with a stranger, it probably shouldn’t be posted on social media. Students in particular should be cautious of the personas they create for themselves online because of the potential future ramifications.