Campus Security Awareness Campaign 2017
This post is part of a larger campaign designed to support security professionals and IT communicators as they develop or enhance their security awareness plans. View all 12 monthly blog posts with ready-made content by visiting www.educause.edu/securityawareness.
Identity theft is a real threat; it can happen to anyone, and it can be challenging for victims to deal with the fallout. Help your end users take precautions to reduce the risk of identity theft and protect themselves and their identities with the following customizable content.
Get the Word Out
Newsletter or Website Content
According to the US Department of Justice, more than 17 million Americans were victims of identity theft in 2014. EDUCAUSE research shows that 21 percent of respondents to the annual ECAR student study have had an online account hacked, and 14 percent have had a computer, tablet, or smartphone stolen. Online fraud is an ongoing risk. The following tips can help you prevent identity theft.
- Read your credit card, bank, and pay statements carefully each month. Look for unusual or unexpected transactions. Remember also to review recurring bill charges and other important personal account information.
- Review your health insurance plan statements and claims. Look for unusual or unexpected transactions.
- Shred it! Shred any documents with personal, financial, or medical information before you throw them away.
- Take advantage of free annual credit reports. In the US, the three major credit reporting agencies provide a free credit report once a year upon request.
- If a request for your personal info doesn’t feel right, do not feel obligated to respond! Legitimate companies won’t ask for personal information such as your social security number, password, or account number in a pop-up ad, e-mail, text, or unsolicited phone call.
- Limit the personal information you share on social media. Also, check your privacy settings every time you update an application or operating system (or at least every few months).
- Put a password on it. Protect your online accounts and mobile devices with strong, unique passwords or passphrases.
- Limit use of public Wi-Fi. Be careful when using free Wi-Fi, which may not be secure. Consider waiting to access online banking information or other sensitive accounts until you are at home.
- Secure your devices. Encrypt your hard drive, use a VPN, and ensure that your systems, apps, antivirus software, and plug-ins are up-to-date.
If you become a victim of identity theft:
- File a report with the US Federal Trade Commission at IdentityTheft.gov.
- Use the identity theft report to file a police report. Make sure you keep a copy of both reports in a safe place.
- Flag your credit reports by contacting the fraud departments of any one of the three major credit bureaus: Equifax (800-525-6285), Experian (888-397-3742), or TransUnion (800-680-7289).
Source: STOP. THINK. CONNECT. Fight Cybercrime poster
Figure 1. Use this image to support your message.
Social Posts
Note: These are Twitter-ready, meeting the 140-character length restriction.
- Be discreet about what you tweet! Don’t overshare personal info. #IdentityTheft #CyberAware
- Use long, complex #passwords or #passphrases as your first line of defense to protect online accounts. #IdentityTheft #CyberAware
- Legitimate businesses will never ask for your account password or SSN. #IdentityTheft #CyberAware
- HTTPS, #VPN, & #2FA are not just for geeks — protect yourself! #IdentityTheft #CyberAware
- Free #WiFi hotspots can be dangerous. Avoid financial transactions while connected. #IdentityTheft #CyberAware
- Review monthly financial statements & shred outdated documents before throwing them away. #IdentityTheft #CyberAware
- Check your credit report annually! Request free reports here: https://www.annualcreditreport.com/index.action. #IdentityTheft #CyberAware
- Don't become a victim! Stay safe from #cybercrime & avoid these tax season tricks: [https://staysafeonline.org/resource/cybersecurity-tips-online-tax-time/] #IdentityTheft #CyberAware
E-Mail Signature
Ask staff members to add a tip to their e-mail signature block and a link to your institution’s information security page.
Example:
Jane Doe
Chief Information Security Office
XYZ CollegeProtect Yourself from Identity Theft. Learn more. [Link “Learn more” to your institution’s identity theft page or link to the FTC’s Identity Theft page for consumers.]
Embed or Share Videos
Reporting and recovering from identity theft (1:17 min) [https://www.youtube.com/watch?v=j7UJ6oScjvU]
What to do if you’re a victim of identity theft (1:14 min) [https://www.youtube.com/watch?v=z9vfcCmh7Qk]
Resources
Share these resources with end users or use them to inform your awareness strategy.
- Use the free STOP. THINK. CONNECT. “Fight Cybercrime” poster (see figure 1).
- Share the brief educational videos above.
- Download the STOP. THINK. CONNECT. “Stay Safe from Cybercrime During Tax Time” tip sheet.
- For more tips and tools on dealing with identity theft, visit the FTC Identity Theft website.
- Go to IdentityTheft.gov to report and recover from identity theft; you can also browse the FTC’s complete list of possible recovery steps.
- Download the FTC’s comprehensive guide for victims: Identity Theft – A Recovery Plan.
- Learn about current scams and how to protect yourself by visiting Fraud.org.
- Visit StaySafeOnline.org to review the tip sheet for victims of cybercrime and an infographic aimed at helping users stay safe from cybercrime during tax time [https://staysafeonline.org/resource/cybersecurity-tips-online-tax-time/].
- Use the Online Identity Risk Calculator [https://staysafeonline.org/ncsam/resources/online-identity-risk-calculator].
Brought to you by the Awareness and Training Working Group of the EDUCAUSE Higher Education Information Security Council (HEISC).
© 2017 EDUCAUSE. This EDUCAUSE Review blog is licensed under Creative Commons BY-NC-SA 4.0.