Staying Safe on the University's Network
Take caution with people you befriend online. If you decide to meet someone in person that you have befriended online, do it in a public place and make sure someone you trust knows where you are.
Be careful about file sharing using university computers, software and email addresses. When you share files via campus resources, you are putting your school in a risky position. Music companies are suing those who illegally download their material.
Make sure you place tracking software in your laptop through the IT Help Desk. Do not leave electronic devices lying around in public. If your property has been stolen, immediately report it to the University Police Department so a report can be filed.
Adjust the privacy settings of your social media sites. You can learn how by checking out the Smart Cards provided by University Police.
Make sure your computer virus protection is up to date.
When using a University computer, be sure to log off when you are finished or stepping away. Even if you “lock” the computer, someone may be able to use your account.
General Online Safety
The Realities of Cybercrime
When dealing with cybercrime, an ounce of prevention is truly worth a pound of cure. Cybercrime in all its many forms (e.g., online identity theft, financial fraud, stalking, bullying, hacking, email spoofing, information piracy and forgery, intellectual property crime, and more) can, at best, wreak havoc in victims’ lives through major inconvenience and annoyance. At worst, cybercrime can lead to financial ruin and potentially threaten a victim’s reputation and personal safety.
It’s always wise to do as much as possible to prevent cybercrime. One of the best ways to learn how to prevent cybercrime is to check out STOP. THINK. CONNECT.
Despite our best efforts, our increasingly digital lives may put us in harm’s way. The fact remains that the bad guys continue to find new uses for ever-expanding—but easily accessible—online technologies to steal, harass, and commit all sorts of crime. If cybercrime happens to you, you need to know what to do and respond quickly.
Should I Report Cybercrime?
Cybercrime can be particularly difficult to investigate and prosecute because it often crosses legal jurisdictions and even international boundaries. Many offenders disband one online criminal operation, only to start up a new activity with a new approach before an incident even comes to the attention of the authorities.
The good news is that federal, state, and local law enforcement authorities are becoming more sophisticated about and devoting more resources to responding to cybercrime. Over the past several years, many new anti-cybercrime statutes have been passed empowering federal, state, and local authorities to investigate and prosecute these crimes. Law enforcement needs your help to stop the nefarious behavior of cyber criminals and bring them to justice.
Who to contact:
- Local law enforcement. Even if you have been the target of a multijurisdictional cybercrime, your local law enforcement agency has an obligation to assist you, take a formal report, and make referrals to other agencies, when appropriate. Report your situation as soon as you find out about it.
- IC3. The Internet Crime Complaint Center (IC3) will thoroughly review and evaluate your complaint and refer it to the appropriate federal, state, local, or international law enforcement or regulatory agency that has jurisdiction over the matter. IC3 is a partnership between the Federal Bureau of Investigation and the National White Collar Crime Center (funded, in part, by the Department of Justice’s Bureau of Justice Assistance). Complaints may be filed online at the Internet Crime Complaint Center.
- Federal Trade Commission. The FTC does not resolve individual consumer complaints but operates the Consumer Sentinel, a secure online database that is used by civil and criminal law enforcement authorities worldwide to detect patterns of wrong-doing, leading to investigations and prosecutions. File your complaint at FTC Complaint Assistant. Victims of identity crime may receive additional help through the FTC hotline at 1 (877) IDTHEFT (1 (877) 438-4388). The FTC website provides resources for victims, businesses, and law enforcement.
Collect and Keep Evidence
Even though you may not be asked to provide evidence when you first report a cybercrime, it is very important to keep any evidence you may have related to your complaint. Keep items in a safe location in the event you are requested to provide them for investigative or prosecutive evidence. Evidence may include, but is not limited to, the following:
- Canceled checks
- Certified or other mail receipts
- Chatroom or newsgroup text
- Credit card receipts
- Envelopes (if you received items via FedEx, UPS, or U.S. Mail)
- Log files, if available, with date, time and time zone
- Messages from Facebook, Twitter or other social networking sites
- Money order receipts
- Pamphlets or brochures
- Phone bills
- Printed or preferably electronic copies of emails (if printed, include full email header information)
- Printed or preferably electronic copies of web pages
- Wire receipts
Additional Tips for Specific Types of Cybercrime
Once you discover that you have become a victim of cybercrime, your response will depend, to some degree, on the type and particular circumstances of the crime. Here are useful tips to follow for some specific types of cybercrimes.
In Cases of Identity Theft:
- Make sure you change your passwords for all online accounts. When changing your password, make it long, strong and unique, with a mix of upper and lowercase letters, numbers and symbols. You also may need to contact your bank and other financial institutions to freeze your accounts so that the offender is not able to access your financial resources.
- Close any unauthorized or compromised credit or charge accounts. Cancel each credit and charge card. Get new cards with new account numbers. Inform the card companies that someone may be using your identity and find out if there have been any unauthorized transactions. Close accounts so that future charges are denied. You may also want to write a letter to the company so there is a record of the problem.
- Think about what other personal information may be at risk. You may need to contact other agencies depending on the type of theft. For example, if a thief has access to your Social Security number, you should contact the Social Security Administration. You should also contact your state Department of Motor Vehicles if your driver's license or car registration are stolen.
- File a report with your local law enforcement agency. Even if your local police department or sheriff’s office doesn’t have jurisdiction over the crime (a common occurrence for online crime which may originate in another jurisdiction or even another country), you will need to provide a copy of the law enforcement report to your banks, creditors, other businesses, credit bureaus, and debt collectors.
- If your personal information has been stolen through a corporate data breach (when a cyber thief hacks into a large database of accounts to steal information, such as Social Security numbers, home addresses, and personal email addresses), you will likely be contacted by the business or agency whose data was compromised with additional instructions, as appropriate. You may also contact the organization’s IT security officer for more information.
- If stolen money or identity is involved, contact one of the three credit bureaus to report the crime (Equifax at 1 (800) 525-6285, Experian at 1 (888) 397-3742, or TransUnion at 1 (800) 680-7289). Request that the credit bureau place a fraud alert on your credit report to prevent any further fraudulent activity (such as opening an account with your identification) from occurring. As soon as one of the bureaus issues a fraud alert, the other two bureaus are automatically notified.
In Cases of Social Security Fraud:
If you believe someone is using your Social Security number for employment purposes or to fraudulently receive Social Security benefits, contact the Social Security Administration’s fraud hotline at 1 (800) 269-0271. Request a copy of your social security statement to verify its accuracy. For additional resources, visit the Social Security Administration.
In Cases of Online Stalking:
In cases where the offender is known, send the stalker a clear written warning saying the contact is unwanted and asking that the perpetrator cease sending communications of any kind. Do this only once and do not communicate with the stalker again. Ongoing contact usually only encourages the stalker to continue the behavior.
- Save copies of all communication from the stalker (e.g., emails, threatening messages, messages via social media) and document each contact. Include dates, times and additional circumstances when appropriate.
- File a complaint with the stalker’s Internet Service Provider (ISP) and yours. Many ISPs offer tools that filter or block communications from specific individuals.
- Own your online presence. Set security and privacy settings on social networks and other services to your comfort level of sharing.
- Consider changing your email address and ISP. Use encryption software or privacy protection programs on your computer and mobile devices. You should consult with law enforcement before changing your email account. It can be beneficial to the investigation to continue using the email account so law enforcement can also monitor communication.
- File a report with the University Police or local law enforcement or contact your local prosecutor’s office to see what charges, if any, can be pursued. Stalking is illegal in all 50 states and the District of Columbia.
In Cases of Cyberbullying:
- Save any of the related emails, texts, or messages as evidence.
- Keep a record of incidents.
- Report the incident to the website’s administrator. Many websites, including Facebook and YouTube, encourage users to report incidents of cyberbullying.
- Block the person on social networks and email.
- Avoid escalating the situation. Responding with hostility is likely to provoke a bully. Depending on the circumstances, consider ignoring the issue. Often, bullies thrive on the reaction of their victims. If you receive unwanted email messages, consider changing your email address. The problem may stop. If you continue to get messages at the new account, you may have a strong case for legal action.
- If the communications become more frequent, the threats become more severe, the methods become more dangerous, or if third-parties (such as hate groups and sexually deviant groups) become involved, it is more likely that law enforcement needs to be contacted and a legal process initiated.
How Did This Happen To Me? A Word about Malware.
Many cybercrimes start with malware, short for “malicious software.” Malware includes viruses and spyware that get installed on your computer, phone, or mobile device without your consent. You may have downloaded the malware without even realizing it! These programs can cause your device to crash and can be used to monitor and control your online activity. Criminals use malware to steal personal information and commit fraud. If you think your computer has malware, you can file a complaint on the Federal Trade Commission website.
Avoid malware with the following tips from the STOP. THINK. CONNECT. campaign:
- Keep a clean machine by making sure your security software, operating system and web browser are up to date.
- When in doubt, throw it out. Don’t click on any links or open attachments unless you trust the source.
- Make your passwords long, strong and unique. Combine capital and lowercase letters with numbers and symbols to create a more secure password. Use a different password for each account.
- Set your browser security high enough to detect unauthorized downloads.
- Use a pop-up blocker (the links in pop-up ads are notorious sources of malware).
- Back up your data regularly (just in case your computer crashes).
- Protect all devices that connect to the internet. Computers, smart phones, gaming systems, and other web-enabled devices need protection from malware.
- Make sure all members of your family follow these safety tips (one infected computer on a home network can infect other computers).
Other Places to Find Resources or File a Complaint:
- Anti-Phishing Working Group (email@example.com)
- Better Business Bureau (investigates disagreements between businesses and customers)
- Cyber Tip Line, operated by the National Center for Missing & Exploited Children (investigates cases of online sexual exploitation of children; 1 (800) 843-5678 or the Cyber Tip Line website)
- Electronic Crimes Task Forces and Working Groups
- The Secret Service (investigates fraudulent use of currency)
- StopFraud.Gov Victims of Fraud Resources
- U.S. Computer Emergency Readiness Team
- U.S. Department of Justice
- U.S. Postal Inspection Service (investigates fraudulent online auctions and other cases involving the mail)
- Your State Attorney General
Information for this page provided by StaySafeOnline.