I think we can all agree that it has been an unusual summer, and the fall semester will likely be the same. And while Princeton’s Information Security Office (ISO) is still up and running, you will likely not see us in person on the campus any time soon. But this doesn’t mean we aren’t still thinking about security, and we want you to be as well.
Next month we will announce our fall online learning opportunities and events. In the meantime, we’d like to share some tips gathered from the National Cyber Security Alliance (NCSA) concerning coronavirus scams and best practices for remote learning and working.
Vigilance Against Coronavirus Scams – Best Cyber Security Practices for Remote Workers and Learners
Cybercriminals are seizing on coronavirus fears by using online scams to extract internet users’ personal and financial information. These scams – sent through email, texts, or social media – claim to provide coronavirus awareness, sell virus prevention products, and/or may ask for donations to a charity. They can often appear to be from a legitimate organization or individual, including a business partner or friend.
- Don’t reveal personal or financial information in an email, and do not respond to email solicitations for this information. This includes following links sent in email.
- Pay attention to the website’s URL (www.website.com). Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .edu).
- If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement, not information provided in an email. Remember to visit the Princeton University Phish Bowl for a list of current phishing scams that have been reported.
- Keep a clean machine. Keep all software on internet-connected devices – including PCs, smartphones, and tablets – up-to-date to reduce risk of infection from malware.
Tips for working and learning remotely:
- Use the University’s Virtual Private Network or VPN (GlobalProtect or SonicWall) to access select Princeton network systems. Home routers should be updated to the most current software and secured with a lengthy, unique password. Beware of connecting to public WiFi to access Princeton accounts unless using VPN.
- Consider separating your network so your University devices are on their own WiFi network and your personal devices are on their own. Watch the ISO’s webinar on securing your home network for more information.
- Keep devices with you at all times or stored in a secure location when not in use. Set your computer’s screen to lock automatically. This is helpful if you step away from your computer and forget to lock it manually.
- Limit access to the device you use for work. Only the approved user should use the device (family and friends should not use a University-issued device).
- Regardless of where you are located, stay safer and more secure online by updating software on all devices (including antivirus and firewalls), backing up data, enabling multi-factor authentication wherever you can, and have strong, lengthy passwords or passphrases for each online account.
The content above was provided by the National Cyber Security Alliance (NCSA) and adapted for Princeton University.