September is National Preparedness Month

National Preparedness Month (“NPM”) promotes family and community disaster and emergency planning. Cybersecurity preparedness can help to offset the impact of identity theft, phishing attacks, imposter scams and more.  

Recognizing & Preventing Social Engineering & Cyber Attacks:

• Identity theft often involves the use of someone else’s personal information to purchase, obtain money or get credit. How do you know if you’ve been a victim? Your bank or credit card card accounts may have withdrawals/charges that you did not expect or authorize. For tips on preventing identity theft and corrective steps you can take if you are a victim of identity theft, please see:
  • Connect, Protect Who You Are Online. 
• Phishing attacks can occur via email, text messaging, phone calls, social media updates or web pop-ups. Phishing campaigns have varied goals including: credential theft, monetary theft, the theft of other personal/sensitive information, or the dissemination of malware. For tips on combating phishing attempts, please see: 
  • Connect, Phishing, Spear Phishing & Whaling
  • NYU IT Security News & Alerts blog, The Ins & Outs of Text Message Phishing
• Imposter scams have become more prevalent and may involve the receipt of an urgent request from someone you supposedly know, e.g., a faculty member or a Dean, or they may come from someone purporting to be a government official, or an employee at your bank . . .etc. The goal of these scams is often to obtain money or sensitive information. For information on recent imposter scams reported in the IT Security News & Alerts blog, please see: 
  • New Imposter Gift Card Scams Targeting Worshipers
  • Social Security Administration Phone Scam Alert
  • Imposter Scams (how to identify & recommendations)
  • Gift Card Scam Alert/Update
  • Gift Card Scams

Additional Tips:

• Update your operating system, applications and browser extensions as updates become available.  Staying updated will ensure that you are protected against known and patched vulnerabilities. 
• Use multi-factor authentication whenever available as the extra security associated with logging in via “something that you have”  will protect you in the event your credentials are compromised. 
• Download well reviewed apps only from trusted sources, such as Google Play or Apple’s App Store. 
• Use malware protection software. For information on NYU sponsored malware protection, please see:  www.nyu.edu/it/malware-protection

Additional Resources: 

• CISA Security Tip (ST19-001), Protecting Against Ransomware
• CISA Security Tip (ST05-019), Preventing and Responding to Identity Theft
• CISA Security Tip (ST13-003), Handling Destructive Malware
• CISA Security Tip (ST18-004), Protecting Against Malicious Code
• The Concerned Parent’s Toolbox – Tools and Tricks to Protect Your Kids