Geneseo encourages secure online habits during cybersecurity awareness month
October is Cybersecurity Awareness Month and SUNY Geneseo is hosting Cybersecurity Awareness Events to sponsor good cyber habits among students. The college is encouraging students to avoid phishing emails, be aware of their password safety and improve their overall understanding of cybersecurity.
On October 6, students were sent an email inviting them to enroll in a cyber awareness training course. The course is taken through the company KnowB4, a cybersecurity company that helps organizations disseminate online security training. By completing the course, students will be entered in a raffle with the chance to win a $25 CAS gift card.
Phishing is defined as a cybercrime that uses tactics including deceptive emails, websites, and text messages to steal confidential personal and corporate information. Phishing is a type of social engineering that criminals use to steal data, infect computers and infiltrate company networks.
Senior information security analyst Valerie Smith stated the importance of phishing awareness.
“If you get infected by something or you get phished, your bank account could be compromised. Your life could kind-of be taken over.”
According to Smith, identifying the signs in phishing emails affects more than just the student that receives the email.
“Everyone plays a role in the cybersecurity health of the campus. If you are sitting here with your laptop that's infected and it connects to the network, it could hit somebody else connected on the network, infect them and start some sort of chain reaction,” said Smith.
Smith lists the top three cybersecurity risks that students fall victim to: “bad password hygiene, reporting phishing emails [and] updating your devices with each patch.”
She stated, “To me, the most important part of phishing education isn't to tell people not to click through. That is important, of course, but when you see them or if you do make the mistake and click, report your actions.”
According to Smith, oftentimes multiple phishing emails are sent out to students, but as long as people report it, the email can be stopped in its tracks, not allowing someone to fall victim to its intent.
“My little plug for anyone vaguely interested in getting into this field, [is that] it's not just the nerdy part of it… there's also a teaching aspect to cybersecurity and cybersecurity awareness, too, that’s very important,” said Smith.