Nowadays, most of us who have spent more than a few years exploring this little thing called ‘the Internet’ know how to spot your average everyday email scam — which at their worst may contain viruses and spyware, and at their best still take up what little valuable space is left in your brain, I mean inbox. Unfortunately over the years, many con artists have adapted their online tactics to fit the social media platforms we know and love, finding ever more ingenious ways to gather information on both a personal and university level.
UCI embraces a corporate culture characterized by a convergence of professional personas — and we strive to develop adequate policies to mitigate the ever present threat they pose to university information security. Protect yourself and your department from such cyber attacks by making preventative education an essential part of your department’s cyber security system.
The Office of the Vice Provost for Teaching and Learning (OVPTL) wants you to be aware of possible cyber security threats. That is why we want to bring your attention to the resources that have are available to you. UCI has gathered many useful links on security tips, and if you want a deeper dive, explore a comprehensive online tutorial through UC Learning Center.
At their most fundamental, security threats generally utilize the information already publicly available and easily accessed to create opportunities to steadily subvert, control, and gain access to varied resources. In simple terms, there are people who might find a way to hack your or your friends’ social media accounts.
We want you to be informed and keep your accounts safe. To start, you should learn what each of the major social media platforms suggest to keep safe.
As Facebook continues to be a medium that campus programs and departments use to communicate with students, it important to understand what to do in certain situations. If you think your account has been hacked, or you are seeing a significant amount of spam, check out this resource from Facebook that shares simple steps of what to do.
Sometimes common sense is the best defense. Instagram suggests that you have a strong password and always make sure to logout and clear the cached history of phones and public computers that you may have used. Learn more details here.
Like any social media platform with a high volume of users, it is important to take small steps to secure your account. Twitter suggests having a strong password, utilizing login verification through their app, and also encourages users to utilize caution when third party apps ask for authorization. Read more from Twitter here.
Many students at UCI are on Snapchat, and a few departments are trying to experiment with the photo and video sharing platform. Their online support for cyber security says that staying safe on Snapchat is everyone’s responsibility. Their available resources discuss being aware of what you are posting, and they cover what steps to take if you encounter bullying. Read more here.
Some of the more common cyber threats that you should be aware of occur across multiple platforms such as:
Possession of Shortened Links
Social media platforms such as Facebook and Twitter are particularly susceptible to the unsuspecting distribution of malware or infected links, due in part to the growing popularity of URL shortening services such as bit.ly and tinyurl. Truncating the link using one of these sites may have become common due to its convenience, but it also makes fake links much harder to recognize. When a link is shortened, the victim is not immediately aware that the link they clicked will take them to an illegitimate site, or installs malware.
This can be one of the most difficult methods to prevent beforehand, and personal discernment is always encouraged when clicking on unknown links, even those sent by a trusted friend or contact. Make sure to check your default privacy settings when opening a new account, filter out any messages sent from unverifiable followers or shell accounts, and continue to modify your settings as necessary.
Confidential Information Leak
Social media platforms are designed to disseminate personal information, encouraging employees to reveal seemingly nonessential technical information to the general public — information which can then be used by cyber criminals to anonymously target specific individuals based on their profiles.
Just in case, make sure to secure any mobile devices linked to your social media accounts. Designing strong and varied passwords can be a powerful safeguard for the digital security of your social media accounts and devices.
Phishing Your Friends
Phishing, and more specifically targeted or “spear” phishing attacks, are common techniques of social engineering, serving the same purpose of gaining access to resources such as money or confidential information. While both types of phishing exploit fear and anxiety rather than system vulnerability to get users to part with their money, they differ in their range of target victim. The typical phishing scam will send massive amounts of fraudulent materials, such as emails requesting private information which appear to come from a legitimate business, to reach a larger target audience.
Unfortunately, most social media websites require extensive biographical information in order to open an account — an undeniable wealth of information teeming with the potential for fraud. By limiting other user’s access to your biographical information, you also minimize your chances of becoming a potential target.
Don’t Forget to Logout
Use caution with public computers or wireless connections. Try to avoid accessing your social media accounts on public or other shared computers. But if you must do so, remember to log out completely by clicking the “logout” button on the social media website to terminate the online session.
Be mindful of accessing your social media accounts on public wireless connections, such as at a coffee shop or airport. It is very easy to eavesdrop on Internet traffic (including passwords and other sensitive data) on a public wireless network.
The point of becoming aware is not to get scared, but to become more aware. As we continue to move towards a more digital world, we must be diligent in our efforts to make cyber security a top priority. If you would like to meet with one of our communication specialists to go over any cyber concerns, please email Ryan Foland at email@example.com.
For further OVPTL password tips and tricks, check out this article on best practices in password security.