Wayne State University
Warrior strong
Login
Search
C&IT Computing & Information Technology

NCSAM

October is National Cyber Security Awareness Month! With help from our partners at KnowBe4, we dedicate every October to further educating the Wayne State University community about cyber security. The resources on this page have been collected to help you better understand actions you can take on your own to secure your data and devices. All year long, the C&IT Information Security Office works tirelessly to protect the university's systems, software, and sensitive data in its daily operations.

Policies Phishing Applications
University Information Security Standards protect your info, devices, and the entire Wayne State community. Our secure email system keeps you safe from scammers and users have the power to report phishing scams too. We partner with vendors like DUO Security (two-factor authentication)
and Global Protect (VPN) to enforce extra layers of security surrounding sensitive data. We encourage all Warriors to consider how they can protect their own data. Being informed and extra cautious online can help us protect the Wayne State communityand it can also keep you safe outside of the Wayne State network. 

QR codes

Quick response codes or QR codes have become a regular part of our everyday lives—but are they safe? 

 While they are convenient for various applications, QR codes come with certain vulnerabilities and security concerns.

Here's a brief overview of some of the key vulnerabilities associated with QR codes:

  • Malicious Codes: Anyone can create QR codes, including cybercriminals. When scanned, they can lead to phishing attacks, malware downloads, or other security breaches.
  • URL Spoofing: A QR code can be created with URLs that look legit but actually redirect users to fake websites intended to steal sensitive information, such as log-in credentials. Users should exercise caution when scanning QR codes, especially in untrusted or unfamiliar contexts.

Tips 

  • Pay attention to any sites that require payment, credentials, or your personal information. Scanning QR codes that you find out in the wild can put your device and your information at risk. Malicious actors can use them to trick you into giving away information or allowing device access.  
  • Only scan codes from trusted entities and in familiar spaces.  Look for an accompanying direct URL that you can type into your mobile web browser. 

Creating codes

It is just as important to be mindful of the QR codes you create. While they are an easy way to lighten your workload or reach your intended audience, how you create them and share them is important. 

Tips 

  • Always thoroughly research web services and apps before using them to generate a QR code. These codes can easily be manipulated and abused. 

  • For extra security, make sure you publish URLs with codes that you use so your users have multiple options and peace of mind interacting with you. 

Phishing

National Cyber Security Awareness Month is every October and is a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online. 

Phishing is a prevalent and persistent cybersecurity threat, and it's particularly relevant to National Cyber Security Awareness Month (NCSAM)

What is Phishing?

The purpose of phishing is to trick individuals into divulging sensitive information, such as login credentials, personal information, or financial data. In many cases, they impersonate trusted entities such as banks, universities, or popular online services.

Common Phishing Methods:

  1. Emails: Phishers send deceptive emails from seemingly trustworthy sources urging recipients to download malicious attachments or click on links that lead to fake websites.
  2. Text Messages (Smishing): You may also receive fake alerts or offers through text messages that lead to malicious websites or request personal information.
  3. Social Engineering: Cybercriminals may pose as university officials or classmates to trick students into divulging sensitive information.

How to Recognize Phishing:

  • Be cautious of unsolicited emails or messages, especially if they ask for personal information.
  • Check for misspelled words, unusual sender addresses, or generic greetings, as these are common signs of phishing.
  • Hover over links to see where they lead before clicking. Ensure the URL matches the legitimate website.

Protecting Yourself:

  • Use strong, unique passwords for each online account.
  • Enable two-factor authentication (2FA) whenever possible.
  • Install reputable antivirus software to protect against malware.
  • Be cautious about sharing personal information online and limit what you post on social media.