Phone Scams – Be Alert

Traffic Sign with the words Scam AlertWe want to remind you that phone scams happen frequently and remind you to stay alert. The calls can be received on  any campus phone or cell phone. Although there are many different types of phone scams, the most common types are: IRS Scams, Jury Duty Scams, Tech Support Scams, and Government Grant Scams.

Most recently, a Government Imposter Scam is gaining momentum at universities and businesses around the country, including in Houston. Specifically, this scam impersonates the Chinese Consulate and claim’s the individual’s immigration status may be in jeopardy.

We know that identifying a scam can be tricky and with caller ID spoofing, this tricky task can become extremely difficult. Here are some tips to help you avoid becoming a victim of a phone scam:

  • Be suspicious. Never trust a name or number on your caller ID. It is ok to hang up if something does not feel “right.”
  • Never allow an unknown person access to your computer.
  • Never give out personal information such as account numbers, social security numbers, and passwords.
  • Never wire money to or purchase a gift card for a person you do not know.
  • File a complaint with the Federal Trade Commission. If the scam involved access to Sam Houston State University equipment, contact the IT@Sam Service Desk immediately.

Stay safe, Bearkats.

Identifying Phone Scams

Traffic Sign with the words Scam Alert

Have you recently received a phone call from someone telling you that there is something wrong with your computer and they need to fix it? If so, this was most likely a phone scam.

Identifying a scam can be tricky and with caller ID spoofing, this tricky task can become downright difficult.

There are four common types of phone scams:

IRS Scam

We are close to tax season, so be on high alert for this scam. This involves the caller threatening legal action and/or arrest if a fine is not paid. If you take the bait, they then “verify” your personal information by asking for sensitive information such as your social security number, credit card number, or bank account information.

Jury Duty Scam

This scam involves the caller claiming that they are a member of law enforcement and they are warning you of a warrant for your arrest due to not reporting for jury duty. Again, if you take the bait the call caller asks for you to verify your identity by providing sensitive information such as your social security number.

Tech Support Scam

A person calls you claiming to be from Apple, Microsoft, or even IT@Sam and tells you that your computer is experiencing problems that needs correction. If you take the bait, they will direct you to a website to install a program that will give them access to your computer. Once they have access they can install malware and/or obtain sensitive data from your computer.

Government Grant Scam

With this scam, you will receive a call offering you free money for various reasons. The catch is that you will have to pay a “processing fee” to receive the money. Once the person has your bank or credit card information, they take more than the “processing fee.”

General Tips

  • Never allow an unknown person access to your computer regardless of how convincing the caller may be.
  • Never give out personal information such as account numbers, social security numbers, mother’s maiden names, passwords or other identifying information in response to unexpected calls or if you are at all suspicious.
  • If you get an inquiry from someone who says they represent a company or a government agency seeking personal information, hang up and call the phone number on your account statement, in the phone book or on the company’s or government agency’s website to verify the authenticity of the request.
  • File a complaint with the Federal Trade Commission if you feel you have been the victim of a scam. If the scam involved access to Sam Houston State University equipment, contact the Service Desk as well.

As always, if you are unsure about the authenticity of a call, please contact the Service Desk at ServiceDesk@shsu.edu or x4-1950.

Data Privacy Day: Wi-Fi Networks

data privacy day logoThis year one of the focus points of Data Privacy Day is ‘Safeguarding Data.’ To help you safeguard your data, we encourage you to use the SamNet Wi-Fi network and other secure Wi-Fi networks rather than SamNet Guest and unsecured Wi-Fi networks.

When using unsecured Wi-Fi networks, you run the risk of having your data intercepted by malicious people that are able to place themselves between you and the hotspot. These bad actors can easily see emails, passwords, and instant messages. (Read an eavesdropper’s account of what he was able to see and do in a June 2013 article in PCWorld.)

In addition, using a secure protocol (such as HTTPS when browsing the web) helps to reduce your risk. However, this does not protect you fully on unsecured networks. Use of sophisticated hacking tools on unsecure Wi-Fi networks can attack some of these protocols and intercept personal data.

Bottom line: It is always best to use a secure Wi-Fi network if one is available to you.

Hacked? Data Breach? What to do to protect yourself and SHSU

Seems like every week there is at least one headline reporting a security breach. In fact, Forbes recently reported a file located on the Dark Web contains 1.4 billion stolen passwords and usernames.

At the SHSU Information Security office, we constantly monitor these reports and assess threats to our campus community.  In this case, we reviewed the information and found no notable impact; however, a few accounts did appear on the list and were immediately disabled. IT@Sam is working with the account owners to reset passwords and reactivate access.

Data thieves and hackers are becoming increasingly aggressive and sophisticated. It is more important than ever to protect yourself and the university.  Below, are recommended best practices when creating passwords for online accounts:

Best Practices for Passwords

  • Use a unique and strong password for each site you use.
  • Use a password manager (i.e. KeePass, LastPass, 1Password, or Dashline) to keep track of all of your passwords and help you generate random, strong passwords when you need to.
  • Change all your passwords regularly, even if the site does not require you to do so.
  • Setup Two-Factor authentication if the site allows for it. This will add a layer of protection as the site will ask you to use a code sent to you via a text message or smartphone app as a second password.

We are here to help! If you ever suspect that you may have been hacked, contact (936) 294-HELP for immediate assistance.

National Cyber Security Awareness Month

Poster that states October is National Cyber Security Awareness Month. Securing the Internet is our shared responsibility. Get involve and promote a safer internet for everyone.National Cyber Security Awareness Month (NCSAM) – observed every October—was created as a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online.

We lead Internet-connected, digital lives, even when we are not directly connected to the Internet. The Internet is a shared resource and securing it is Our Shared Responsibility. Everyone has a role in securing their part of cyberspace, including the devices and networks they use.

Throughout the month, IT@Sam will share tips and resources to help you implement stronger security practices. Together we can create a digital society that is safer and more resistant from cyber-attacks.

For additional information read A History of NCSAM.