Skip to content
Contact USI

Ask the Expert: Cyber security - What to watch out for

Part One: Emails

April 10, 2017

Protecting your personal and financial information has become increasingly more difficult as hackers advance their approach. While nothing is foolproof, Richard Toeniskoetter, chief information officer in Information Technology, has provided us with some red flags to look out for, and some precautionary steps to take both at home and work. In this two-part series we'll cover emails, phones, Facebook and backing up data.

Emails are a primary target for hackers, who are getting craftier in making emails appear to come from a legitimate business, or even a friend or co-worker. Toeniskoetter says that simply looking at the "from" address is not necessarily indicative of the true sender. "We always have to be suspicious of the "from" address. It's as meaningless as taking an envelope and writing anything you want in the upper left corner and dropping it in the mailbox," he said.

Lately there have been numerous phishing emails that appear to be from someone on campus. In reality, this means that hackers are doing their research, finding out who works at the University, their email addresses and at times, who works together in a department. They use that information to populate the "from" address with an official USI email address in order to make you drop your guard.

In the body of the email, hackers use very broad general terms with linked text that wouldn't necessarily seem out of the ordinary, such as "USI proposal." They also have used a USI email address with a link in the body of the email that appears to come from a popular business like Dropbox.

Attachments - What to watch out for

Because you can't trust the "from" address, you have to be suspicious of attachments sent via email. "It can be legitimately coming from a close friend or family member, but their account may be hacked," said Toeniskoetter.

Hackers use attachments to take control of your computer remotely. When you download this bad attachment, your computer becomes part of a botnet, a collection of computers automatically controlled by a hacker from a distance. "If a hacker can get your computer under their control, they can trigger it to do things on their behalf," said Toeniskoetter. "When the police come looking, they come looking at your computer because that's where the bad stuff is coming from, but it's really relaying from another computer someplace else. Millions of computers worldwide have been overtaken and operate as a part of a botnet."

If you receive an attachment in your email that you aren't expecting, it's best to contact the sender and ask if they sent it. "Do not open an attachment unless you are quite certain it's something you should be receiving," he said.

Links - What to watch out for

Just like the "from" address, a URL link can say anything. What you see in the familiar blue underscored text is not necessarily the site you'll be taken to once clicked.

Links can direct you to a site that may look like a popular site. For example, it may appear you've received an email from Amazon indicating something is wrong with an order you've placed. Hackers play their odds that at least some of the millions of receivers of this email have recently placed an order on Amazon, Walmart or any number of popular sites. When you click the link it takes you to a website that looks like the real site. Toeniskoetter says that it is quite easy for a web developer to recreate a site that looks identical to the real one.

When you log-in with your credentials on the phony site, it captures your user name and password. Toeniskoetter says that you are often then directed to the real site where, once you log-in and realize nothing was wrong with your order, it's too late. "The person who receives the information is most likely on a 24/7 pager alert. When one of these notifications comes in, it doesn't matter if it's the middle of the night, they will act quickly to take over whatever they can."

To test the validity of linked text, using your mouse, hover over the link without clicking. This will show you the actual link and the site you'll be taken to. If you have any doubts, do not click the link or copy it.

Be on the lookout for individuals swapping out o's and zeros. For example: Microsoft Office could have the capital O being replaced by a zero (Microsoft 0ffice), so at first glance, it may look correct but takes you to another domain with ill intentions.

If you have any suspicion about an email you've received at work, forward it to IT@usi.edu. Being vigilant about email will help to protect both you and the University.

In the second part of this series we will talk about what to watch out for with phones and Facebook, as well as how to back up your data to protect yourself from ransomware.

Recent Stories