Tech Byte: Protect Data With Good Practices
As a new academic year begins, IT Services is reminding all students and employees of steps they can take to be safe in the digital environment.
One thing to do is be vigilant when viewing email or taking phone calls at work. Phishing emails, and even phone calls from someone purporting to be another campus employee, can be attempts to get personally identifiable information.
As a refresher, phishing emails are a way to gain access to systems by duping the recipient into believing the email was sent to them by a legitimate source asking them to click on a link that requires users to divulge data such as passwords, Banner IDs, etc. Truman will never ask students or employees to click on a link that gathers this kind of data. Similarly, phone calls from someone asking for identifying information about a person are also cause for caution. While the inclination is to want to help them, there are offices that are trained about how to verify that a person is who they say they are before sharing any data with them. If the caller does not know their own information, they could be a scammer.
In light of the news regarding the National Public Data breach of personal information for more than 2.9 billion individuals, it is important to stay vigilant. The latest estimation is approximately 272 million unique Social Security numbers and 600 million phone numbers were included in the stolen data. ITS recommends two cybersecurity websites students and employees can check to see if their data was included.
- The website npdbreach.com can report any user data in the system. ITS advises only entering a name and zip code to get results. This site does not store any information on the searches performed, but the data it provides back is less informative than the second option.
- The website npd.pentester.com will ask for a name and birthdate before providing results. It should be noted that any searches using this site are stored and kept on file and can be used by the company later, but the information it provides is more complete. The site will reveal a user’s redacted Social Security number and date of birth, along with the full address and phone number record.