A holiday message from Wayne State's information security team

Computing & Information Technology recently welcomed our new Senior Director of Information Security and Compliance, Garrett McManaway. As senior director of security, McManaway will work with within C&IT and across campus to ensure that Wayne State's computers and networks are safe from internal and external threats.

McManaway graduated with his bachelor's degree in open systems from Baker College and his master's degree in information assurance from Walsh College. He has spent the last 15 years working in information security and has 20 years of IT experience overall. He served as the Senior Manager of Global Security Operations at Delphi, and has also held positions at Blue Cross Blue Shield of Michigan, Dell SecureWorks, and IBM. He is also involved with information security organizations MISec and InfraGuard.

How to stay safe online during the holidays

As our holiday gift to you, Garrett wrote a letter to the campus community to keep your information safe.

The holidays are a great time to spend with friends and family, but beware of scams that also come along with this time of year. Remember to enjoy the season, but take extra care by following these tips:

It is common to see an increase in phishing attacks this time of year that are disguised as virtual holiday greeting cards that are hiding malicious intent. The sender of these greeting cards may look legitimate, but before opening an attachment, take an extra look at the contents of the email and question: Would the person who sent this message normally do so?

Another thing to be aware of while online shopping for holiday gifts are message containing fake tracking information that often indicates a problem with the shipment, requesting personal information or an attachment to be opened to get things back on track. The best way to avoid falling victim to this scam is to visit the website or contact the seller of the goods directly, instead of clicking on links or attachments in the email.

A third example that we are seeing actually hit our users in last few days. That is, an email that appears to be sent by a manager asking an employee to do them a favor because they are in a meeting. The conversation starts with a message from a spoofed address asking for gift cards with the promise of reimbursement, but the reimbursement never comes.

Garrett McManaway
Senior Director, Information Security and Compliance
Computing & Information Technology

Garrett and everyone at C&IT works year-round to protect the campus community. These simple tips below will help you stay vigilant when online.

Identifying phishing scams

Avoid clicking on links and attachments: Even if it's coming from a recognizable organization like the Michigan State Police or your coworker, don't click links or download attachments that you aren't expecting, especially vague attachments like Invoice.pdf.

Beware of suspicious messages: Urgent requests, spelling mistakes, grammar errors, and unsolicited emails are signs of a scam.

Verify the source: Sometimes scammers will change one letter or number of an email address to trick you into believing the email is legitimate. When in doubt, reach out to the sender directly to confirm.

Check the link: Scammers can create fake login pages that look identical to your email, Academica, or even your bank. If you hover over the link (or hold down on the link on mobile devices), you can see whether the page leads to a legitimate website.

How to respond

Report the email: Forward the suspicious email to abuse@wayne.edu so that C&IT can block the sender.

Delete the message: Looking at the message will typically not affect your account but clicking links or downloading attachments will.

Get help: If you did click on a link or attachment and provide your login information, please contact the C&IT Help Desk at 313-577-4357 immediately.

For more information on cybersecurity at Wayne State, visit tech.wayne.edu/kb/security.