Securing our Data
The Office of Technology Services (OTS) understands that protecting the Lone Star College System network and the personal information of all Lone Star College faculty, staff, and students is vital. OTS is constantly monitoring for any potential threats to information security and works to educate LSCS employees and students regarding safeguarding passwords and how to determine when a call or E-mail may be fraudulent.
If you come across anything suspicious, please call the Service Desk to report it at 832.813.6600 or 1.866.614.5014 (toll free). Our trained technicians will assess the situation and verify there have been no breaches in information security.
Don't be a target for cyber-criminalsYou may not realize it, but you are a target for cyber-criminals. Your computer, your mobile devices, your accounts, and your information all have tremendous value. The list below details many different ways in which cyber-criminals can make money by hacking you. Fortunately, by taking some simple steps, you can help protect yourself and your family.
Username & Passwords
Once hacked, cyber-criminals can install programs on your computer that capture all of your keystrokes, including your username and password. That information is used to log into your online accounts, such as:
Your bank or financial accounts, where they can steal or transfer your money
Your iCloud, Google Drive, or Dropbox account, where they can access all of your sensitive data
Your Amazon, WalMart or other online shopping accounts, where they can purchase goods in your name
Your UPS ore FedEx accounts, where they can ship stolen goods in your name
Once hacked, cyber-criminals can read your E-mail for information they can sell to others, such as:
All the names, E-mail addresses, and phone numbers from your contact list
All of your personal or work E-mail
Once hacked, cyber-criminals can copy and steal any virtual goods you have and sell them to others, such as:
Your online gaming characters, gaming goods, or gaming currencies
Any software licenses, operating system license keys, or gaming licenses
Once hacked, your computer can be connected to an entire network of hacked computers controlled by the cyber-criminal. This network, called botnet, can then be used for activities such as:
Sending out spam to millions of people
Launching Denial of Service attacks
Once hacked, cyber-criminals can steal your online identity to commit fraud or sell your identity to others, such as:
Your Facebook, Twitter, or LinkedIn account
Your E-mail accounts
Your Skype or other IM accounts
Once hacked, cyber-criminals can turn your computer into a web server, which they can then use for the following:
Host phishing websites to steal other peoples usernames and passwords
Host attacking tools that will hack peoples computers
Distribute child pornography, pirated videos, or stolen music
Once hacked, cyber-criminals can scan your system looking for valuable information, such as:
Your credit card information
Your tax records and past filings
Your financial investments and retirement plans
Once hacked, cyber-criminals can take over your computer and demand money. They do this by:
Taking pictures of your with your computers camera and demanding payment to destroy or not release the pictures
Encrypting all the data on your computer and demanding payment to decrypt it
Tracking all websites you visit and threatening to publish them
Never give out your username or password to anyone. If you think your computer may be compromised, contact the Service Desk right away at 832.813.6600. Were happy to help.
Don't get hooked by a cyber-criminal
You may not realize it, but you are a target for cyber-criminals. Your computer, your mobile devices, your accounts, and your information all have tremendous value. If you identify an E-mail you think is a phishing attack, or you are concerned you may have fallen victim, contact Lone Star Colleges Service Desk immediately.
What is phishing?
Phishing is a psychological attack used by cyber-criminals to trick you into giving up information or taking an action. Phishing originally described E-mail attacks that would steal your online username and password. However, the term has evolved and now refers to almost any message-based attack. These attacks begin with a cyber-criminal sending a message pretending to be from someone or something you know, such as a friend, your bank or a well-known store or website.
These message entice you into taking an action, such as clicking on a malicious link, opening an infected attachment, or responding to a scam. Cyber-criminals craft these convincing-looking E-mails and send them to millions of people around the world. The criminals do not know who will fall victim, they simply know that the more E-mails they send out, the more people they will have the opportunity to hack. In addition, cyber-criminals are not limited to just E-mail but will use other methods, such as instant messaging or social media posts.
What is spear phishing?
The concept is the same as phishing, except that instead of sending random E-mails to millions of potential victims, cyber-attackers send targeted messages to a very few select individuals. With spear phishing, the cyber-attackers research their intended targets, such as by reading the Intended victim's LinkedIn or Facebook accounts or any messages they have posted on public blogs or forums. Based on this research, the attackers then create a highly-customized E-mail that appears relevant to the intended targets. This way, the individuals are far more likely to fall victim.
The cyber-criminal information presented above is based on the original work of Brian Krebs. You can learn more about cyber-criminals at his blog at: http://krebsecurity.com.