Category Archives: Risk

  • -

Beware of Good Ole Scammer Claus

Category:Information Security,Infosec Communicator,Internet Safety,Privacy,Risk Tags : 

I’m sharing the contents of an advisory I sent out to the RIT community regarding holiday scams and phishing attempts. I think you’ll find the information helpful.

scammer-clausBeware of Good Ole Scammer Claus!

As we head towards our holiday break, remember that there are many scammers trying to trick you into revealing credit card numbers and other Private information–information that can be used for Identity Theft. As part of their attempts, we’re seeing an increase in phishing attempts–some disguised as delivery confirmations.

Follow these guidelines to help ensure your Private information (and your money) stays secure on the Internet.

Use a Secure Computer

Use Strong Passwords

  • Use a strong, unique password or passphrase where allowed. See our How to Create a Strong Password brochure for tips on choosing strong passwords.
  • Take advantage of any additional security features offered by your bank.

 Be alert for phishing and scams

  • Never respond to an e-mail requesting that you reply with your login information. Scammers go to great lengths to make e-mails appear genuine, but no legitimate bank or retailer will ever ask you to submit private information by e-mail.
  • Never give out a bank account number to anyone, and be wary of anyone who insists upon cash or wire transfer only.

Research the Company and Website

  • Investigate any  retailer you are considering using. How trustworthy are they?
  • Check the company’s privacy policy.
  • Check for negative reviews using a search engine.
  • If you’re shopping at an auction site, check out the seller’s feedback.

Make Sure the Website Uses Encryption

  • The address bar should begin with https (not just “http”) and there must be a padlock in your web browser (the location varies by browser, it usually appears in the address bar or the status bar at the bottom).

Monitor Your Accounts

  • Keep track of all your purchases and account history from start to finish and beyond.
  • Save copies of your orders and receipts, as well as e-mail confirmations and product descriptions.
  • Follow up on your purchases by monitoring your bank account and credit card statements for any unauthorized transactions.
  • You may also want to check your credit report annually (check for free at www.annualcreditreport.com).

Problems and Complaints

Identity Theft

Online Shopping Complaints

Additional Links

Have a good (safe) holiday!

Enhanced by Zemanta

  • -

  • 2

Infosec Strategies: Creating Centralized Efficiencies in a Decentralized IT Environment

Category:Higher Education,Information Security,Infosec Communicator,Leadchange,Risk,Uncategorized Tags : 

Information Security Wordle: RFC2196 - Site Se...

My thoughts on one of the challenges facing infosec offices in higher education. It reflects my thoughts, and not necessarily those of my employer.

The institutional challenge of creating centralized cost-effective efficiencies in an environment with a strong tradition of localized, decentralized IT solutions and personnel is normative in higher education.

An Information Security Office can create centralized efficiencies by:

  • Modeling an effective centralized service organization that is responsive to the individual needs of specific departments. (One way to accomplish this is by regular meetings with stakeholders to ensure that the Information Security Office can enable their business, rather than create barriers with unreasonable requirements.)
  • Providing centralized security services such as vulnerability scanning of web and servers and security reviews of proposed solutions.
  • Managing compliance initiatives such as private information remediation centrally, leveraging an extended team composed of empowered college and division representatives.
    Read More

Categories