As many schools are moving to remote learning, the FBI is warning educators and students to take precautions against malicious cyber activity. Cyber criminals are aware of the inherent vulnerabilities in remote learning and may attempt to disrupt schools or compromise private information.
Video Conference Disruptions
Unsecured video conferences are vulnerable to disruption by unauthorized users. Interruptions can include harassment or displaying offensive images.
Recommendation: Confirm online conferencing platforms used by students require passwords or other authentication methods, such as validation by the host. Emphasize to students that they are not to share meeting passwords or links.
Social Engineering and Phishing
Cyber criminals often attempt deceiving individuals into sharing private information or performing a task. They will take advantage of the increased reliance on electronic communications between students and educators to craft fraudulent emails. This can lead to the compromise of a home computer or identity theft.
They may also register fraudulent web domains that look similar to a legitimate website, such as a website with the school’s name followed by a .com address instead of .edu.
Recommendation: Treat with suspicion any messages that are urgent, impersonal, and unexpected. Be advised that genuine links to Fordham University resources will always end in .edu unless stated otherwise. When in doubt, contact IT Customer Care at HelpIT@fordham.edu and allow UISO to validate the nature of the message.
Cybersecurity Best Practices At Home
- Ensure personally owned devices run the latest version of the operating system.
- Upgrade devices running Windows 7 to Windows 10.
- Ensure firewalls are properly configured and secure on routers and computers.
- Replace default router passwords with strong, unique administrative passwords or passphrases.
- Enable multi-factor authentication for all applications when this option is available.
- Install software and application updates as soon as they are released.
- Update and/or confirm wireless routers and other hardware are operating the most recent firmware.
- Ensure personally owned computers use up-to-date antivirus, antispyware, etc.
- Teach children to recognize and report suspicious email messages and html links to an adult.