Cybersecurity Awareness Month 2024 has come to a close, but our competition is still open! This is the last call to play ‘The Inside Man: New Recruits Game’ in KnowBe4. You must complete the game by November 22nd to be entered into the drawing for our Cybersecurity Awareness Month prizes: Find the directions to access this […]
Cybersecurity Awareness Month 2024 is coming to a close. This year, we hosted two webinars, promoted key behaviors to encourage every employee to take control of their online lives, and published weekly newsletters full of content authored by the Office of Information Security. Below, you will find a recap of some of the key events […]
Watch this on-demand webinar (1:06:11) where Perry Carpenter, Chief Evangelist and Strategy Officer at KnowBe4, spotlights how criminals weaponize artificial intelligence.
Device security is essential for protecting your privacy and data. Top-notch device security involves tweaking built-in features. Protect your devices and data using the strategies in the how-to guides below.
Artificial intelligence art generators are trained on billions of existing images. When you enter a prompt, the AI art generator builds an image by combining aspects of its training data into a single image. Meanwhile, deepfakes are trained on photographs and videos of one subject to replicate that subject. Deepfake technology can depict a person […]
QR codes (quick-response codes) were originally designed to label automobile parts, but today, we can find them in advertisements, restaurants, museums, mobile ticketing, and many other areas. Since both Androids and iPhones can scan QR codes in the camera app, QR codes provide faster access to a website than manually typing a URL. While convenient, the […]
Scammers can create fake login screens that are strikingly similar to legitimate ones. One of the login screens pictured above is our true WUSTL login screen, and the other is an imitation. Can you spot all of the differences? To make this more challenging, we’ve cropped out the URL from each login screenshot. Seeing the […]
Multifactor authentication provides another layer of security for online accounts. The first “factor” for an account is usually a password, and any additional authentication step makes it harder for a hacker to access your account. Common multifactor authentication offerings are codes sent via text or email, dedicated authenticator apps like Duo, and fingerprint or facial […]
Using strong passwords with the help of a password manager is one of the easiest ways to protect your accounts and keep our information safe. Let a password manager do the work A password manager creates, stores, and fills passwords for us automatically. This way, we only have to remember one strong password—for the password […]
The onboarding process creates a unique set of security risks. As new employees, we’re often eager to make a good impression, but we have little institutional knowledge. These factors make new employees valuable targets for hackers. Due to unfamiliarity with WashU’s processes and security protocols, a new employee might not know how to recognize an email […]
Google’s Jigsaw unit published a quiz that tests the taker’s ability to identify phishing emails. The quiz tests you on eight emails to see if you can distinguish between legitimate emails and phishing scams. Many of the examples come from real events, such as the massive phishing attempt that hit Google Doc users in 2017 and an email that Russian […]
Phishing is an illegal tactic where criminals send fraudulent emails to trick victims into sharing their personal information or compromise their system. The good news is at WashU we can use the Phish Alert Button whenever we’re unsure about an email’s authenticity. Step 1: Recognize the common signs Step 2: When in doubt, report it! […]
With many kinds of cybercrime come many different ways to report it. Most of us will encounter cybercrime, so here are resources on where to report it. Hacked Account Report your hacked account to theplatform’s support team. Below are reporting guides for popular platforms: WUSTL Key, Facebook, Google, Instagram, PayPal, Snap, TikTok, YouTube Ransomware If […]
Giving children uninhibited access to the internet can put your child, computer, and personal data at risk. With some precautions, you can set your children up to become upstanding digital citizens who will lead the future. Parental Controls Most devices these days have parental controls that allow parents to restrict access to certain content for […]
The WashU Office of Information Security (OIS) is dedicated to supporting our community by ensuring that our information security policies keep pace with the evolving digital landscape. As part of this effort, we’re excited to introduce our 2024 Policy Update, which launches the new WashU OIS Guide series. This series will guide you through our […]
October is Cybersecurity Awareness Month, a global effort to help everyone stay safe and protected when using technology whenever and however you connect. The Office of Information Security is proud to champion this online safety and education initiative this October. All month long, we are promoting these key behaviors to encourage you, our WashU community, […]
The Office of Information Security is running a competition throughout October for Cybersecurity Awareness Month! WashU staff, faculty, and students can enter to win up to $1,000 in BearBucks. On September 26th, we released an Inside Man-themed game in KnowBe4, ‘The Inside Man: New Recruits Game’. Complete the game to earn an entry into our […]
Cybersecurity Awareness Month 2023 is coming to a close. This year, we hosted three webinars, promoted key behaviors to encourage every employee to take control of their online lives, and published weekly newsletters full of original content authored by WashU’s Office of Information Security. Below, you will find a recap of some of the key […]
On WashU-supported Macs, you can now use firewall settings to turn on the firewall in macOS to prevent unwanted connections from the internet or other networks. To change these settings in the latest version of macOS, choose Apple menu > System Settings, click Network in the sidebar, then click firewall on the right. (You may need to scroll […]
When using social media platforms, it is wise to be careful about what you post. Cybercriminals can use what you post to entice you into clicking malicious links. Be Careful What You Post Any information you publicly post on social media could be used in a spear phishing attack. Spear phishing is when cybercriminals target […]
We encourage you to turn on multi-factor authentication for every online account or app that offers it. As time goes on, more websites and applications will offer multi-factor authentication, but it might not be turned on by default. Here are some guides on how to enable it for popular services:
Password managers are apps, browser plugins, or programs within your browser. They store your passwords in a vault and lock the vault behind a “master password.” It is safe to replace your password notebook Even though password managers are the best way to safeguard your passwords, you might worry that storing every password in an […]
Let a password manager do the work! A password manager creates, stores and fills passwords for us automatically. Then we each only have to remember one strong password—for the password manager itself. Search trusted sources for “password managers” like Consumer Reports, which offers a selection of highly rated password managers. Read reviews to compare options […]
When guessing passwords, hackers start with the most common passwords. According to research by NordPass, the top 10 passwords from 2022 are: Are any of your passwords on this list? Creating, storing, and remembering passwords can be an inconvenience for all of us online. Still, the truth is that passwords are your first line of […]
Why it’s so important to update promptly If a criminal gets into a device through a security flaw, they will look for personal information and sensitive data to exploit. Technology providers issue software updates to “patch” security weak spots as quickly as possible. If we don’t install them, they can’t protect us!Software updates can also […]
Many of us receive a steady flow of emails every day, including bank statements, order confirmations, or sales promotions. To keep up, you may look through your inbox as quickly as possible—but do not forget to stay vigilant. Cybercriminals take advantage of haste and send dangerous, unexpected emails. Unusual Account Activity Detected One of the […]
Scammers can create fake login screens that are strikingly similar to legitimate ones. One of the login screens pictured above is our true WUSTL login screen, and the other is an imitation from a real scam. Can you spot the difference? To make this more challenging, we’ve cropped out the URL from each login screenshot. […]
In addition to using WashU email for work, most people use email in their personal lives, too. You can get an email from your aunt with her stew recipe or an email from your boss about an office party. But what if the email isn’t actually from your aunt or boss? Cybercriminals often pretend to […]
For more information about using generative AI at WashU, please visit Generative Artificial Intelligence (AI) – Information Technology (wustl.edu).
With the internet and social media, it can be difficult to avoid sharing personal information online. Having an online presence can be valuable, but sometimes sharing personal information is risky. If you want to know what information about you is online, Google yourself. Your Search Results If you Google your name, you may find public […]
The Washington University in St. Louis Office of Information Security supports education, research, and clinical care by protecting systems and data for everyone at our institution. Information security is essential to every member of our community, and we all share personal responsibility for ensuring the security of our systems. We continuously improve our systems and […]
October is Cybersecurity Awareness Month, a global effort to help everyone stay safe and protected when using technology whenever and however you connect. The Office of Information Security is proud to champion this online safety and education initiative this October. All month long, we are promoting these key behaviors to encourage every employee to take […]
Cybersecurity Awareness Month 2022 is coming to a close. This year, we hosted four webinars, promoted key behaviors to encourage every employee to take control of their online lives, and published a newsletter full of original content authored by WashU’s office of Information Security. Competition Our Cybersecurity Awareness Month competitions are always popular. In 2021, […]
WashU’s multi-factor authentication provider is Duo, an industry leader in cybersecurity services. You can improve the strength of multi-factor authentication by opting for multi-factor authentication exclusively via an app. Here is a link that helps you set this up for WashU MFA Where can I change my device’s default authentication method? (duo.com). Did You Log […]
The Washington University in St. Louis Office of Information Security (OIS) supports education, research, and clinical care by protecting systems and data for everyone at our institution. Information security is essential to every member of our community, and we all share personal responsibility for ensuring the security of our systems. We continuously improve our systems […]
The term “data breach” has dominated the tech world the last 24 months. From breaches that have impacted critical infrastructure like the Colonial Pipeline to hackers compromising healthcare records at UC San Diego Health, headlines of cybersecurity mishaps saturated news in the last two years. Yet, despite the prevalence of the breach-centric news cycle, many […]
You can control when your WashU computer updates using the Updates section in Software Center. Most updates require your computer to restart, so please save all work beforehand. You can configure automatic updates to run outside of your business hours using these steps: Navigate to Software Center. Select Options. Work Information section: Enter your Business Hours. […]
Ransomware is malicious software that renders data and systems unusable until the targeted individual or organization pays a ransom. Find out more at Ransomware | Office of Information Security | Washington University in St. Louis (wustl.edu). Cybersecurity Awareness Month Test Your Knowledge Competition We invite you to show us what you know by entering our […]
Cybersecurity has become one of the biggest hot topics both inside and outside of technology circles over the last two years. From securing learning devices due to a rise in digital learning during the COVID-19 pandemic, to coping with the fallout of high-profile breaches of national infrastructure such as the Colonial Pipeline, there is a […]
For tips on how to strengthen your passwords, visit How can I make my password secure? – Information Technology (wustl.edu). If you see fit to change your WUSTL key password, you can read the guide at How do I Change my WUSTL Key Password – Information Technology. Cybersecurity Awareness Month Test Your Knowledge Competition We […]
When you receive a suspicious email, please report it using the Phish Alert Button (PAB) from your Outlook account. Cybersecurity Awareness Month Test Your Knowledge Competition We invite you to show us what you know by entering our Test Your Knowledge: Cybersecurity Awareness Month edition. Complete this activity to test what you know and receive an entry […]
The COVID-19 pandemic forced millions of Americans to embrace working from their own home – a concept most had limited or no experience with at the time. And while many employees have returned to the office, a recent University of Chicago study found that 72% of those surveyed would like to continue working from home […]
Phishing is the most common tool used by cybercriminals to steal login credentials, personal information, data, and intellectual property. If you receive a “phishy” email (i.e., an email that demands unexpected quick action, comes from an unknown sender, asks you to supply login credentials or other personal information, etc.), please protect yourself and others at […]
Cybersecurity Awareness Month in October is a global effort to help everyone stay protected whenever and however they connect. The theme for the month is “It’s easy to stay safe online,” and The Office of Information Security is proud to be a Cybersecurity Awareness Champion, supporting online safety throughout the year. We’re here to help […]
Cybersecurity Awareness Month 2021 is in the rearview mirror! This year, we set out on the Road to Cybersecurity together. We hosted several events, sent out weekly security tips, and published a great newsletter full of original content authored by WashU’s information security staff. Competitions Our Cybersecurity Awareness Month competitions are always popular. In 2020, […]
Letter from the CISO, Vol 1 Issue 5 Washington University Community: Many years ago, a respected colleague told me that for her, the ultimate security was knowing that she could get her data back if something bad happened. This was a bit of a shock to me, as I was young and inexperienced enough to […]
We’re on the last leg of our road trip, but our cybersecurity adventure is far from over. The WashU Office of Information Security will always be your trusty navigator and loyal travel companion on the Road to Cybersecurity. We’ll help you steer through the twists and turns of the road ahead and give you a […]