The University is launching its 3rd annual Take Control security awareness campaign and contest, with an urgent message for students, faculty and staff to "take control" by learning about personal security dangers such as phishing, spyware, Internet fraud, and more. In addition, the campaign emphasizes secure password practices and safe Internet conduct when using social networking venues such as blogs, chat, eprofiles, e-mail and instant messaging.
This year's contest offers a laptop prize and features the theme "What was I thinking?" to encourage students, faculty, and staff to think about how insecure actions can lead to situations they may regret. All Penn State community members are urged to participate in the contest and learn about secure digital identity practices at http://its.psu.edu/takecontrol/.
"When you provide personal information using blogs, chat, e-mail, or instant messaging, you're taking a risk," said Kathy Kimball senior director of Security Operations and Services (SOS). "Digital relationships can be deceptive. So it's extremely important to be aware of computer security dangers such as phishing schemes, spyware technologies, e-mail hoaxes, malicious attacks, identity theft, and Internet fraud. Never share your password with anyone or provide credit card or social security numbers insecurely."
According to security experts at Penn State, personal security incidents have increased substantially over the years, since e-mail is increasingly used to distribute fraudulent messages to potential victims. These fake e-mail notices (known as phishing schemes) usually appear to come from official locations such as banks, mortgage companies, institutions, or even the government, and are designed to persuade the victim to provide sensitive information such as a password, credit card, or social security number.
Internet users should also be aware that social networking venues (such as Facebook, MySpace, blogs, and chat) pose similar dangers, explains Kimball, since the information individuals share at these sites is potentially available to the entire world ...friends and strangers alike. "Although social networking sites may create an illusion of intimacy, they are not private," she stated. "They are easily accessible not only to school administrators, potential employers, and law enforcement officials-but to scam artists and criminals."
There are numerous sources that students, faculty and staff can consult for guidance on personal security needs, along with the suggestions outlined above, according to SOS staff. The Access Account Password Management Web site at http://its.psu.edu/password/, provides information on the dangers of sharing passwords and User IDs; and also describes Penn State's new Annual Password Change initiative (which requires all University Access Account holders to change their passwords on a 365 day cycle.) Students, faculty and staff are additionally encouraged to visit Penn State's Take Control Web site at http://its.psu.edu/takecontrol/ and the SOS home page at http://sos.its.psu.edu/ throughout the year to get the University’s latest security updates.
For more tips on personal security, go to:
Identity Theft and Phishing Tips from the Federal Trade Commission
http://www.ftc.gov/bcp/conline/pubs/credit/idtheftmini.htm
http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt127.htm
Microsoft Phishing Tips
http://www.microsoft.com/athome/security/email/phishing.mspx
The Anti-phishing Working Group Web site
http://www.antiphishing.org/resources.html
Indiana University E-mail Fraud Tips
http://uits.iu.edu/scripts/ose.cgi?afvn.ose.help
MSN PC Safety and Security
http://www.mailfrontier.com/forms/msft_iq_test.html