For Faculty Archive, For Staff Archive

As classes resume, so do cyber-attacks 

With a few exceptions, summer brought relatively few cyber-attacks and scams aimed at colleges and universities. As the fall semester starts, these attacks are quickly resuming, and both in-person and remote learning are prime targets. Preventing these attacks will help keep this semester as smooth and stress-free as possible.

The information security team has emphasized some of these items over the past few years, and they are still effective at preventing data and identity theft, extortion threats, and malware infections.

  • Be attentive for phishing. These emails spoof familiar brands and people we know, and convince us to open unfamiliar websites or attachments. When reading email, slow down and look at the sender’s name and email address, and hover over any links to see where they go before clicking.
  • Shop with a credit card. Credit cards provide greater fraud protection over debit cards, and add an extra layer between the transaction and your bank account. If you can, use one card for online shopping and a different card for in-person transactions.
  • Save or print order confirmations. Keeping order documentation allows you to respond quickly to any fraud, win payment or order disputes with the seller or payment card company, follow any return policies and procedures, and have seller contact information.
  • Keep a clean machine. Use modern anti-virus products and a firewall on your personal devices and network. Routinely check for and install operating system and app updates to make sure all needed security patches are applied.

Drake is a prominent target for phishing, fraud, and other types of attacks. In fact, most email messages sent to Drake faculty, staff, and students are malicious. ITS blocks as much as possible, but some attacks will get past our defenses. Everyone is responsible for detecting and reporting possible information security incidents. For more information, see the Data Breach & Computer Incident Response (FAQ) and Reporting a Phishing Message (How-to).

ITS will continue to simulate phishing and assign training to those most at risk. If you’d like to discuss any information security issues, please feel free to reach out to me directly, or email informationsecurity@drake.edu.

— Peter Lundstedt, ITS