ATTENTION: College closed Wednesday due to severe weather. More
Information Security at CSCC
Protect Yourself from Fraud
Columbus State will never ask for sensitive personal information, such as a Social Security number, bank account information, PINs, network credentials (passwords), or an account number in an e-mail. If you receive a phone call or email asking for this information, do not provide it and immediately call the Help Desk at x5050.
When in doubt, use Cougar IDs, not Social Security Numbers.
Receiving spam email from @cscc.edu or @student.cscc.edu email account?
If you receive a spam email from a Columbus State Community College email account, please forward a copy of the mail (with email header) to email@example.com.
Receiving spam in your CSCC inbox?
If you receive spam email, please forward a copy of the mail to firstname.lastname@example.org.
4/10/14: Heartbleed Bug: What Can You Do? (Kerbs On Security) Takeaway from this article..."Avoid responding to emailed invitations to reset your password; rather, visit the site manually, either using a trusted bookmark or searching for the site in question."
3/20/14: Are Credit Monitoring Services Worth It? (Kerbs On Security) - Great article about credit monitoring services, their value,
and what you can do to better protect your identity.
3/6/14: 4 Things You Need to Do to Protect Your iPhone (Fox Business)
3/3/14: Humans at Every Company are Falling for Bogus Emails - "...on average, one out of 10 employees exposed to malicious links in email will
click on one. Even best-in-breed companies' employees are still clicking more than
1% of the time." www.infosecurity-magazine.com
2/25/14: Fortinet's FortiGuard Labs Reports 96.5% Of All Mobile Malware Tracked Is Android-Based; Symbian
was a distant second at 3.45 percent and iOS, BlackBerry, PalmOS, and Windows together
don't even warrant 1 percent (Dark Reading). Not pitting one operating system against another. Be sure you are getting your
apps from legitimate software stores (Google Play or iTunes as examples).
2/19/14: Seven-year-long APT campaign identified, possibly state-sponsored (SC Magazine) - Here's the takeaway from this article: "The operation relies on victims clicking on links to malicious websites in spear phishing emails.... ." The Target breach from a couple of months ago now indicates that someone who works for one of Target's vendors clicked on a link in an email and it eventually lead to the Target breach. The same thing can happen to anyone, even via CSCC email. If you receive an email from someone you may or may not know and the email contains questionable content to include a link or images, play it safe and don't click on the link or image. The simple action of clicking on links/images can do a lot of damage which you may not even see. If in doubt, lead towards being skeptical and delete the email without clicking on the link or image. If it's that important, the sender will call you after not receiving a response.
As noted at the top of this page, the college will NEVER email or call you asking
for your network credentials. If you see an email threatening the deactivation of
your network account unless you respond with your user name and password, DO NOT reply,
but forward it to email@example.com and then delete the email. It didn't
come from the college.
2/6/14: A New Identity Fraud Victim Every Two Seconds (Javelin Study)
2/5/14: Malicious Email Level Hits a 5-Year High (Info Security)
Next Iron Mountain Pickups:
Last updated: 4/10/14
Alkire Rd: 4/24/14 (last: 3/27/14)
Columbus: 5/2/14 (last: 4/4/14)
Delaware: 4/25/14 (last:3/28/14)
Dublin: 4/16/14 (last: 3/19/14)
E. Long St.: 5/6/14 (last: 4/8/14)
Gahanna: 5/7/14 (last: 4/9/14)
Goodale Blvd: 4/24/14 (last: 3/27/14)
Reynoldsburg: 4/30/14 (last: 4/2/14)
Westerville: 5/6/14 (last: 4/8/14)
Rob Clifford, CISSP