To further enhance DePaul’s cyber defenses, we want to highlight a common cyber-attack that everyone should be aware of – phishing. Phishing attacks can take many forms, but they all share a common goal – getting you to share sensitive information such as login credentials, credit card information, or bank account details.
Although we maintain controls to help protect our networks and computers from cyber threats, we rely on you to be our first line of defense.
What You Can Do
To avoid these phishing schemes, please observe the following email best practices:
- Do not click on links or attachments from senders that you do not recognize especially if the email contains a warning banner (“[EXT]“) indicating that it originated from an external source.
- Do not provide sensitive personal information (like SSNs, credit card numbers, usernames and passwords) over email.
- Watch for email senders that use suspicious or misleading domain names.
- Inspect URLs carefully by hovering over the link to make sure they’re legitimate and not imposter sites.
- Do not try to open any shared document that you’re not expecting to receive.
- If you can’t tell if an email is legitimate or not, please forward it to security@depaul.edu so we can proactively protect others.
Still, the best defense against such scams is for you to be educated on how to avoid becoming a victim. To that end, DePaul has contracted for its employees to take advantage of online education aimed at giving you information to be able to spot phishing attacks in your email and avoid compromising your personal information.
You will receive a notification through the BlueSky system to take the training. We have selected modules which we believe will be the most helpful. Please keep in mind that this training is required for DePaul employees.
Thank you again for helping to keep DePaul, and our people, safe from cyber threats.
Please let us know if you have any questions.
Regards,
Michael Rodriguez
Director Information Security| Information Services | DePaul University