Defend Yourself From Cyber Attacks and Be a #UCRCyberHero!
Cybersecurity Awareness Month 2024
Install the Duo Mobile App to Win Exclusive Prizes
Celebrate Cybersecurity Awareness Month at UC Riverside! Get a chance to win an awesome prize when you present your Duo Mobile app at the ITS pop-up booth. Visit us near the Bell Tower every Tuesday and Wednesday, from October 29 to November 13, between 11:00 am to 1:00 pm.*
Chat with UCR’s cybersecurity experts to learn valuable tips on staying safe online and find out how you can train yourself to spot job scams. Secure your devices and data today and be a #UCRCyberHero!
*Note: The November 6 tabling session has been canceled due to bad weather.
New Prizes Every Week!
Stop by the ITS booth and show us your Duo Mobile app to win a prize!
Enroll Your Device in DUO Mobile
UCR Calls for Cybersecurity Superheroes!
Watch this short video to find out how you can become a #UCRCyberHero!
Student Job Scam Email Lure
Watch this short video to learn how to spot job scam emails and what you can do to avoid becoming a victim.
Stay Secure with Duo Mobile
Duo Mobile is the preferred multi-factor authentication method for all UCR accounts.
Why Duo Mobile?
- An extra layer of protection against unauthorized access to your university email, personal information, and academic records.
- Get push notifications right from your smartphone. No need to fumble with separate devices or codes.
- Duo Mobile works on a variety of devices – smartphones, tablets, and even smartwatches.
Protect Yourself from Job Scams
Don’t take the bait! Learn how to spot job scams and how to stay safe online while searching for your next work opportunity.
Job scams are a type of email scam wherein the attacker impersonates someone from UCR or other legitimate companies and tricks their targeted victims into sending money or providing sensitive information. Using social engineering tactics, the attacker may ask students to send resumés, bank account numbers, social security numbers, addresses, birthdays, research data, gift card codes, etc.
Here are the red flags to watch out for:
- Being asked to open an email attachment in order to view the job offer
- No company name provided
- Promise of high payment for a minimal amount of work
- Awkward sentence phrasing and spelling or grammar errors
- Offers to send money
- Requests for money or gift card codes
- Requests to communicate through non-UCR channels (text message, non-UCR email, other applications, etc.)
- A job offer you did not apply for
If you encounter a suspicious job-related email, report it immediately using PhishAlarm.
In one job scam attack against UCR students, attackers impersonated UCR Faculty and Administrators and contacted students using Gmail accounts. The email was made to look like a job offer to solicit personally identifiable information. Once the student’s personal information was obtained, attackers contacted them through their personal (non-UCR) email address or phone number and persuaded them to make a payment or provide sensitive information, such as their social security number or bank account number. Don’t fall for this job scam!
All campus job openings are posted on UCR Handshake. This is the safest and most reliable way to find legitimate opportunities. Visit the UCR Handshake portal to avoid job scams!
Cybersecurity Awareness Month Event Calendar
Don’t miss these cybersecurity events happening throughout October and November! View the complete list of University of California CAM events on the UC CAM 2024 website.
Gone Phishin': A Live Phishing/Hacking Demonstration (Webinar)
Date: October 15, 2024 (Tuesday)
Time: 2:00 pm (PDT)
This event is free and is open to the UC community. Register to attend the online webinar.
This is the phishing training the bad guys don’t want you to see. In this session, UCLA Health Cybersecurity Researcher Michael Taggart will review and demonstrate some of the newer forms of phishing attackers are using to steal your data. For each demonstration, you will explore the motivations and techniques of the attackers, and what you can do to protect against these all-too-common attacks.
Nightmare on Cyber Street: Unleashing UCSF’s Spellbinding Data Security Compliance Program (Webinar)
Date: October 22, 2024 (Tuesday)
Time: 11:00 am (PDT)
This event is free and is open to the UC community. Register to attend the online webinar.
Dive into the shadowy world of data security with UCSF’s thrilling new Data Security Compliance (DSC) Program. Designed to combat the ever-evolving cyber threats, UCSF’s program stands as a fortress with its extensive library of security requirements, including administrative, technical, and physical controls. Discover cutting-edge tools and resources that simplify the identification of pertinent requirements for specific systems or use cases. Learn the art of de-duplicating and consolidating safeguards to fortify your defenses.
ITS Information Security Office Pop-up Booth
Dates: Every Tuesday and Wednesday from October 29 to November 13, 2024*
Time: 11:00 am to 1:00 pm
Venue: UCR Bell Tower
Students, faculty, and staff are all welcome to stop by the ITS pop-up booth! You’ll have the opportunity to chat with our cybersecurity experts and learn valuable and practical tips on how to keep your data and devices safe from cyber attacks. You can also win exclusive prizes by showing your Duo Mobile app at the booth. See you there!
*Note: The November 6 tabling session has been canceled due to bad weather.
Cybersecurity in Healthcare: Navigating AI Challenges and Building Cyber-Resilience (Webinar)
Date: November 14, 2024 (Thursday)
Time: 1:00 pm to 2:00 pm (PDT)
This event is free and is open to the UC community. Register to attend the online webinar.
Cybersecurity is a critical concern not only for individuals facing risks like identity theft but also on a national level, influencing elements as significant as federal elections. Within the healthcare sector, the complexity of challenges has expanded for startups, lab scientists, and IT professionals. Risks from exploiting generative artificial intelligence now join threats like IP theft, ransomware, and hacktivism.
This webinar aims to empower participants by deepening their understanding of these evolving threats and highlighting how to forge robust cyber-resilience strategies. You will learn how to defend against these risks and develop resilient systems that continue to function effectively even during cyber incidents.
The Cybersecurity Industry is Hiring!
With 3.5 million unfilled cybersecurity positions to remain through 2025, the IT industry is looking for skilled individuals trained in cybersecurity to fill crucial roles in various organizations.
Go beyond being a #UCRCyberHero and join the league of cybersecurity professionals! The first step is to acquire the right training.
- Take the ISC2 Certified in Cybersecurity Entry-Level Certification
- Apply for the SANS Diversity Cyber Academy cybersecurity training scholarship for minorities and women
To set yourself up for success, hone your skills in identifying and resolving modern cyber threats, including phishing, social engineering, Business Email Compromise (BEC), and financial fraud, as well as learn how to protect and defend apps, data, devices, infrastructure, and users.
Check out the U.S. Bureau of Labor Statistics’ Occupational Outlook Handbook to learn how to become an Information Security Analyst, along with other important career positions in cybersecurity.
Cybersecurity Training Resources
Enhance your cybersecurity know-how with our training videos, available in the ITS Training Toolkit.
Use the Cybersecurity Awareness Month Zoom Background
Show your #UCRCyberHero pride! Download the official Cybersecurity Awareness Month Zoom background and start using it to promote cybersecurity at UCR!
SECURITY TIPS
Do your part - be cybersmart!
Follow the tips below to help ensure your personal and financial data stays safe while working and learning at UCR.
Each month, ITS sends out a phishing simulation email. The goal of these emails is to make campus aware of the types of phishing scams that are circulating and to provide tips on how to avoid these scams. This video provides a recap of the phishing simulation emails sent from May 2022 to July 2023 and illustrates how well UCR did in comparison to other organizations.
To see examples of the types of emails you may receive and what to look out for, visit the cybersecurity section of our training page.
If you receive a phishing email, please report it to ITS. To find out how, watch the PhishAlarm video.
Want to make sure your data is safe, but don't know where to begin? This video provides information on simple steps you can take towards making sure your data is as secure as possible.
Be sure to use UCR’s VPN at https://campusvpn.ucr.edu when working. You can find VPN guidance on the ITS Knowledge Base.
Ensure your devices are running on the latest software updates. This includes updating your mobile phones, tablets, computers, Wi-Fi routers, and any other devices connected to the Internet.
Four key ways to keep the cybercriminals at bay:
HOW TO SPOT PHISHING
Should you trust that email or text message?
With electronic messaging being a mainstay of personal and professional communication, malicious actors often utilize email and text messages when they attempt to steal personal or private information. Phishing messages are crafted to look legitimate but contain malicious programming or content used to capture sensitive data, which can put you and the University at risk.
Fortunately, there are simple ways to spot a phishing email. Here are some warning signs to look out for:
- Bad grammar or punctuation
- Strange fonts or paragraph spacing
- Slightly modified email addresses
- Forms that ask for sensitive information like usernames and passwords
- Links to strange websites
- Requests for money from what appears to be a “trusted” person
- Language that creates a sense of urgency or ultimatum