UC Santa CruzInformation Technology Services
  Home About ITS Services ITS News Policies Governance ITS Staff Site Jobs Find An Answer Feedback

Cyber Security Information for Students

Home > IT Security Awareness > Cyber Security Information for Students

October is National Cyber Security Awareness Month! There are many cyber security threats out there, but it is important to remember that most of them are avoidable. The information below will help you to better protect yourself against some common cyber security threats. For some general cyber security dos and don’ts, check out ITS’ Top 10 List of Good Computing Practices.

Internet Privacy
Phishing and Other Scams
Mobile Devices
Copyright / Legal File-Sharing Services
Video Contest Winners
Security Awareness Website
Getting Help


INTERNET PRIVACY
A good rule of thumb is to only post information you would be willing to write on a banner in a public place.
Privacy on the Internet continues to be a challenge. It is best to assume that any information you enter online is public unless you are using a known, trusted, secure site. Social networking sites (such as Facebook, MySpace and Twitter), personal web pages, and blogs are notorious as places people can go to find personal information about you and read your uncensored opinions.

Always remember:
  • You may be sharing what you post with a larger audience than you think, such as prospective employers, landlords, instructors, college officials, coworkers, law enforcement, the government, etc.
  • Seemingly innocent information about your interests, family, or history could be used by hackers for identity theft, or even by stalkers.
  • Once you post something online, it can be very difficult to “take it back.” Even if you delete the information, copies can still exist in on other computers, web sites, backups, or in search engines.
  • Other people may not always tell the truth online (or in person, for that matter).
  • Don't give personal, financial, or log-in, information to anyone you don't know or who doesn’t have a legitimate need for it (in person, over the phone, via e-mail or the Internet).


PHISHING AND OTHER SCAMS
Criminals and hackers are constantly coming up with new schemes designed to compromise computers, steal personal or private information or passwords, or trick you out of money. Even as more “traditional” phishing scams continue, new ploys are emerging to trick you into clicking on malicious links or installing harmful software on your computer. Two scams that seem to be picking up steam right now are:

  1. Malicious "tiny URLs": These are links to malicious web sites that have been shortened so you can’t tell by looking at them where they will take you
  2. Malicious links to fake videos: In this scam, you are urged to click on a link to a video. When you click on the link, you get a message that you need to install a missing video plug-in to see the video. The fake plug-in is harmful software that will infect your computer.

Both of these scams are especially common on Twitter, Facebook, and Myspace, but they also show up in spam and instant messages (IM).

Here are a few pointers to avoid getting fooled:

  • Only click on links from trusted sources. Never click on a link from a “mystery source” unless you have a way to independently verify that it is safe.
  • Delete unsolicited e-mails; don't open, forward, reply to, or click on links or attachments in them.
  • Don't give private information to anyone you don't know or who doesn't have a legitimate need for it (in person, over the phone, via e-mail or the Internet).
  • You should never disclose your password to anyone, even if they say they work for UCSC, ITS, or other campus organizations.
  • If an offer sounds too good to be true, it probably is. If you want to investigate something, look it up on your own (e.g. do a Google search) instead of clicking on an unknown or unsolicited link.


MOBILE DEVICES
Assume that at some point your phone and other mobile devices will be lost or stolen. Only store information you’re willing to lose. Also think about what you send with your phone. If you want to send something private, make sure you’re connected to a secure, encrypted network or website first, or don’t send it.  If you’re not sure, assume it’s not secure. Here are a few more tips to help protect your information and your privacy

  • Set a passcode so only you can get in – but still don’t store anything you’re not willing to lose. A simple 4-digit passcode won’t keep people out for very long!
  • Enable auto-lock so your device locks when you’re not using it – and require your passcode to start back up if that’s not automatic.
  • Enable “Ask to Join Networks” so you don’t connect to wireless networks without your knowledge.
  • If your device has a web browser, set the browser to block pop-ups and to only accept cookies from sites you visit.


COPYRIGHT / LEGAL FILE-SHARING SERVICES
The University takes copyright law very seriously. If you share copyrighted material without permission, you are breaking the law and could be subject to University, criminal, and/or civil sanctions. Residential Networking (ResNet) wants you to have an enjoyable and worry-free experience on the Internet, so please do not violate copyright laws.

We encourage you to use legal file-sharing services for obtaining music, movies, etc. on the Internet. A large list of digital music, video, and other services is available from ResNet at http://resnet.ucsc.edu/music-sources/.


VIDEO AND POSTER CONTEST WINNERS
Check out the winning entries from Educause’s 2009 "Computer Security Awareness Poster & Video Contest" for students. Winning topics range from general computer security, to backing up your computer, to phishing, and more.


SECURITY AWARENESS WEBSITE
ITS' Security Awareness web site offers a wide range of practical information and resources for safer computing.


GETTING HELP
If you ever have a question about a cyber security issue, contact the ITS Support Center

 

Rev. October 2009