IT Handbook - Directories - University of Cincinnati
IT Handbook - Directories - University of Cincinnati
IT Handbook - Directories - University of Cincinnati
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
• Send Spam to spam@uce.gov and then delete it.<br />
• Report other e-mail abuses to abuse@uc.edu.<br />
A thorough review <strong>of</strong> “How To Fight Spam” will help to understand the world <strong>of</strong> spam and how you can help<br />
control it: http://www.uc.edu/infosec/info/fightspam.html<br />
Social Engineering and Phishing Attacks<br />
Social engineering is used by criminals to gain unauthorized access to a computer or secure building. This<br />
is a non-technical intrusion that relies on people’s complacency regarding the value <strong>of</strong> the information<br />
they possess and their responsibility to protect it. Social engineers’ ploys <strong>of</strong>ten involve tricking people into<br />
breaking normal security procedures. Examples <strong>of</strong> social engineering behavior include the following:<br />
• Someone calling on the phone asking for information such as a user ID and password.<br />
• Someone “dumpster diving” to find memos, system manuals, and printouts <strong>of</strong> sensitive information.<br />
• Someone pretending to be an outside consultant or temporary worker.<br />
• Someone “piggy-backing” entrance to a building by following in an authorized person, thus avoiding<br />
presenting ID. If you permit someone access, make sure you know who he or she is.<br />
• Someone creating a persona that makes him or her appear to be a person in authority, so people ask the<br />
hacker questions, rather than vice-versa. This is “reverse social engineering.”<br />
• Phishing uses e-mail or web sites to solicit personal (<strong>of</strong>ten financial) information. Attackers send e-mail,<br />
seemingly from a reputable credit card company or bank that requests account information. Often, the<br />
message suggests that there is a problem that needs their attention.<br />
• Learn more about phishing by watching this video: http://www.uc.edu/infosec/info/videos.html<br />
Phone / PDA / Mobile Device Security Tips<br />
• Set a password, lock pattern, or PIN on your phone to prevent unauthorized use and make it more difficult<br />
to hack if stolen or lost.<br />
• If your phone has Bluetooth functions, disable them until they’re needed, and then set visibility settings to<br />
“hidden” so that your device cannot be scanned by other Bluetooth devices.<br />
• Limit the amount <strong>of</strong> sensitive or personal information such as passwords and account information stored<br />
on your mobile device.<br />
• Consider purchasing anti-virus s<strong>of</strong>tware for your phone and make sure it is frequently updated.<br />
• Only download apps from trusted sources.<br />
• Do not jailbreak your mobile device as this can open up security holes<br />
• Treat mobile devices as you would your wallet, keys, or laptop; don’t leave them in plain sight and keep<br />
them close to you at all times.<br />
USB Drives / Thumb Drives / Jump Drives and other Mass Storage Devices<br />
These drives are a very convenient and commonly used method to hold personal files and school work.<br />
Unfortunately, the small physical size <strong>of</strong> these devices makes them easy to lose or to steal.<br />
• If you use a mass storage device to store any important or sensitive data—class work, research data, clinical<br />
information, personal files, etc.—make sure that the data is protected by encrypting the device.<br />
• Many modern mass storage devices come with a security utility that can encrypt sensitive files.<br />
• If you do not have encryption on your mass storage device, don’t keep sensitive information on it.<br />
Social Media Safety<br />
What is social media?<br />
Social media refers to the means <strong>of</strong> interactions among people in which they create, share, and exchange<br />
information and ideas in virtual communities and networks.<br />
What are some examples <strong>of</strong> social media web sites?<br />
Several social media sites have become extremely popular in the last few years for internet users <strong>of</strong> all ages.<br />
Some examples include: Facebook, Twitter, LinkdIn, Instagram, and Tumblr.<br />
What are some advantages <strong>of</strong> using social media web sites?<br />
• Easy Information Exchange Facebook and similar sites allow users to gain access to personal information<br />
very quickly, including home and cell phone numbers, addresses, photos, videos, and events.<br />
78