Tips for Safety Online

Challenge

I am concerned about the safety of my information online. What are some practical tips I can follow The following tips can help you when you suspect phishing or other information security threats.

Solution

The following tips can help you when you suspect phishing or other information security threats.

Beware of Phishing. 

  • Read the Beware of Increased Phishing Attempts news article.
  • Check the “from” email address. If you feel like an email is suspicious, cross-check the email domain to see if the sender is credible. The email domain is the text that appears after the @ symbol in the email address. It should match the name and company of the attempted sender (be on the lookout for minor misspellings!). If you are unsure, try looking up the company’s email domain through a search engine.    
  • Watch for misspellings and incorrect grammar. It is common for hackers and scammers to use online translation machines that don’t return perfect grammar or spelling. Take a quick look through every email you receive for these kinds of mistakes.  
  • Be suspicious of hyperlinks. If you receive an unexpected email to your inbox, it is best practice to check all the hyperlinks before clicking on them. Occasionally, both the sender and the body of the email can appear legitimate, but the phish is hidden in the links. If you hover over each link, check if the URL leads to the website you would expect based on the sender. For example, if you receive an email from Bank of America, the hyperlinks should bring you to bankofamerica.com. 
  • Visit Recognize and Report Email Scams webpage for more information.
  • Report phishing scams sent to your UMN email account at security.umn.edu.

Update Software on your Devices. 

Keep your operating system, antivirus software, web browsers, and other applications up to date to protect against known vulnerabilities. 

Use Strong Passwords and Change them Regularly. 

Visit the Cybersecurity and Infrastructure Security Agency’s website for guidance on Choosing and protecting passwords

Activate 2FA or Multi-Factor Authentication Wherever Possible. 

Two factor authentication (2FA) adds an extra layer of security by requiring you to provide a second form of verification (e.g., a text message or authentication app) in addition to your password. For example, the University of Minnesota uses Duo two-factor authentication to verify your identity when you sign in to certain systems. 

Be Vigilant with your Accounts. 

Regularly monitor your accounts and personal information. Monitor financial accounts Regularly review your bank, credit card, and other financial statements for any unauthorized transactions. Report any suspicious activity to your financial institution. Freeze or monitor your credit 

Consider Placing a Credit Freeze or Fraud Alert on your Credit Reports. 

A credit freeze helps prevent new accounts from being opened in your name without your permission. Monitoring your credit reports for unusual activity is also advisable. Visit usa.gov for instructions. 

Stay Informed. 

Stay informed about cybersecurity best practices and evolving threats. Knowledge is one of the best defenses against cyberattacks. Visit the Federal Trade Commission consumer advice page on Online Privacy and Security.