A phishing attempt is one of the common types of cybersecurity threats we face daily. Anyone with an email account is a target for phishing scammers. The primary goal of phishing is to trick you into providing your credentials such as passwords or other sensitive information. In other cases, scammers may impersonate someone you know and try to convince you to purchase gift cards, asking you to provide the card number. Scammers and hackers are consistently finding new ways to make their messages more convincing, making even the most careful among us a victim by clicking on a link, opening an attachment, or simply responding to a message. Because these actions can have dire consequences, it is important to remain vigilant, use common sense, and understand the best practices that can keep your information safe.
To combat phishing attempts, the OIT has created a website, Phish Bowl, consisting of helpful tips to identify and avoid phishing scams, including links to the Cybersecurity and Infrastructure Security Agency (CISA) alerts page, and the SANS Institute’s Security Awareness Tip of the Day. Also included on the Phish Bowl page are a series of brief and entertaining YouTube videos on topics such as passwords, data handling, computer theft, phishing, and ransomware, and more. In just a few minutes per video, you can raise your awareness of crucial security best practices. For more information on how to identify and report phishing messages, please see https://blogs.libraries.rutgers.edu/agenda/iis-updates-january-2021/#phishing.
You are the first line of defense. If you receive a suspicious message, please forward it with Message Details to email@example.com immediately. We will review your message and report it to OIT, if necessary.
To further increase security, Rutgers has already required Duo two-step login for Rutgers Connect. Since it has been required for Rutgers Connect logins, cybercriminals have not gained access to a single Rutgers Connect account. Starting on July 1, Duo will be required for all websites and services accessed through Rutgers’ Central Authentication System (CAS) from on campus and off campus, including Box, Canvas, myRutgers, Webex, Zoom, and many others.
If you have concerns or questions about phishing or the additional Duo requirements, send an email to firstname.lastname@example.org.