荔枝视频

Nov. 3, 2020

Six ways to keep your inbox safe

What you can do to prevent your information from getting into the hands of a cybercriminal

Author

Advancement Staff

Woman sitting in a dark room with two monitors, one blue, one with coding, and a laptop
Here are six things you can do to prevent your information from getting into the hands of a cybercri Photo by cottonbro from Pexels

There are more than 950 phishing emails targeting 荔枝视频 email addresses reported every month. So what can students, faculty and staff do to protect themselves and our institution? Here are six things you can do:

  1. Check the sender. Do you recognize the email address? Were you expecting an email from this person? If there is a link in the email, when you hover over it, does it look like a legitimate URL? Are there spelling errors? Try typing the URL into your browser instead of clicking on the link. If there are attachments in the email and you are not sure if they are malicious or not, give the person a call and confirm they sent you the email.  
  1. Look for the 鈥渆xternal鈥 marking at the top of an email. It looks like this, but will be in red: [EXTERNAL]. This will tell you if the sender is someone outside of the university. Sometimes cybercriminals mock up an important individual鈥檚 email, like a faculty dean, and use it to request things like gift cards or your information. Every year IT receives reports of individuals deceived in this manner 鈥 cybercriminals pose as their boss, professor, dean or others. If the email is marked 鈥渆xternal鈥 you will know it鈥檚 not from someone at U荔枝视频. If it鈥檚 not marked external, you should still look for the clues above 鈥 sometimes cybercriminals can gain access to a U荔枝视频 account and send out malicious emails from their email address.  
  1. Keep your personal information personal. Never email or text personal or financial information. Check your bank, credit and debit card statements regularly. Never share your U荔枝视频 or personal passwords with anyone. 
  1. Find a work-around. Received an email saying you need to update your password? Getting calls from someone claiming to be from the Canada Revenue Agency? Instead of responding directly, close the email or hang up and go directly to the website to update your password or to find the number to call the agency back. It鈥檚 better to make a customer service agent wait to speak to you than to unknowingly provide your sensitive information to a cybercriminal. 
  1. Trust your gut. If it sounds too good to be true, it likely is. Don鈥檛 click on links or open any attachments. Follow the steps below to report it. 

  1. Report it. Once you鈥檝e 鈥渃aught鈥 the phish, make sure to report it to help prevent others from falling victim to it. This helps protect everyone at the university. If you receive a suspicious email, include it as an attachment in a new email to reportphishing@ucalgary.ca and then delete the email, or report it using the tools in your email navigation bar.   

If you receive a suspicious email and you are still not sure what to do, feel free to reach out to the team. They can provide you with guidance and further information over the phone. More information and resources are also available on the . 

What is IT doing to prevent phishing? 

There are a number of programs in place to help prevent phishing at the 荔枝视频: 

  • Cybersecurity awareness program: To educate and promote good cyber hygiene among students, faculty and staff. 
  • Spam blocking technology: More than 99 per cent of spam or phishing emails are blocked before they hit U荔枝视频 inboxes. Unfortunately, even with the best spam blocking technology, some malicious emails will get through, making the above security awareness program so important. 
  • Report phishing email (reportphishing@ucalgary.ca): To collect and act on phishing emails the spam blocking technology does not catch. Once a phish is reported, our IT security team reviews the information and works to remove the email from other inboxes.  
  • Marking external emails as 鈥渆xternal鈥 to help identify when an email is coming from outside the university (see above). 
  • Phishing exercise program: In addition to the awareness program, phishing exercises, or simulations, are also sent periodically to help educate faculty and staff about what to look for to identify phishing emails.  
  • Detailed phishing information on the , including a .  

Faculty and staff have an added layer of protection through multifactor authentication 鈥 or MFA. This is a second verification, like a code sent to your mobile, in addition to your password. Students are also encouraged to .

Cybersecurity is everyone鈥檚 responsibility. By working together, we can help increase cybersecurity at the 荔枝视频. 

Follow the U荔枝视频  to keep up to date on IT outages and news. 

Related content

Speaker

Are your digital devices listening to you?

Read more

Hands on keyboard with graphic elements overlaid

New degree prepares tech professionals for cybersecurity challenges of the future

Read more

practice digital civility

Promote and practice digital civility in an online world

Read more

Cyber hygiene

Cyber hygiene is critical if you want to catch the phish

Read more

Ryan Burns is working with The City of 荔枝视频 to pull together a policy document to inform policy-makers about the different approaches toward data dissemination. Photo courtesy Ryan Burns

Citizens can use data to improve their cities

Read more

Tags