Main content

Security Awareness Training

It is getting worse - are you prepared?

We all received a phishing message this morning, ostensibly from a colleague, about a way to make easy money - and asking people to respond with their private email address.
While it was a fairly obvious ruse, at least 31 folks here engaged the culprit in email communication before we blocked the phisher’s address.

There has also been an increase in phishers attempting to lure people into sending their phone numbers so that they can engage them in a texting conversations.

There is a constant stream of fairly obvious fake messages from employee’s supervisors asking for a favor - or for cell phone numbers.

Unfortunately people continue to fall for those too - because we’re all (mostly) conditioned to want to keep our bosses happy.
There actually is a way to make them happy - don’t fall for these social engineering tricks!

And it isn’t just email and text. There have been far more elaborate social engineering scams run here on campus that involved email, phone calls - and physically walking into an office on campus.

Social engineering works best for them when we are rushed into not paying careful attention.

What can you do to prepare yourself so that you’re not next?

Don’t let yourself get rushed into completing even what seem like routine tasks. Pause and ask yourself if there’s anything unusual about a hurried request - and trust your instincts.
Remind yourself that nothing good is easy, and nothing good is free - and if something sounds too good to be true, beware.

Complete the Training: The online training does a good job covering examples of they types of social engineering scams we are seeing regularly.
If you have not already completed your mandatory training, please visit the training dashboard to begin. This training can be completed from the office or from home - at any time.

The link to the training also appears in the “Quick Links” section of the Faculty/Staff Portal page. Protect yourself – complete the training - and think twice before you click. You and your supervisor will start getting reminders after the due date if you have not completed the training. New York State and SUNY require all employees to complete annual Security Awareness training.

Do it for me, do it for your supervisor - or do it just so that you’re not next. Please - take the training and learn to protect yourself, and all of us, from this tidal wave of scams.