Skip to main content
Search
Knox Together: COVID-19 Plans & Policies Visitor Policy Give Now
A student rides her bike across the Knox College campus.

Cybersecurity

Submit Your Deposit
Ford Center for the Fine Arts

Don’t Click on That Link! Keep Knox College Safe from Cybercriminals!

The education/research sector was the most targeted sector for cybersecurity attacks in 2021

91% of cyber attacks can be attributed to employees clicking on links in phishing emails, designed to trick a victim into giving away sensitive information via a suspicious email

Attackers can also use spear phishing, where an attacker targets specific victims to steal information or install malware in our systems

They can also use a technique called “spoofing” which involves a person or program appearing to be legitimate when it is trying to steal data or infiltrate a system 

Once a bad actors breach our cyber defenses, they can do great harm to Knox and its community; here are the three top cyberthreats in higher education we need to watch for::

Installing ransomware

Nearly 75% of ransomware attacks are successful in higher education

Ransomware attacks cost U.S. schools and colleges $3.5 billion in 2021

The average ransomware attack cost higher education institutions $3.4 million last year

Ransomware attacks have closed colleges permanently, or temporarily, including Lincoln College, University of California, San Francisco, and Austin Peay State University

Installing malware (malicious software)

Malware is software installed by cybercriminals that can:

  • Cause disruption to computer servers, clients and computer networks;
  • Leak private information;
  • Provide unauthorized access to information systems; 
  • Derive users access to information; or
  • Interfere with the user’s security and privacy

Implementing a Data Breach to Steal Personally Identifiable Information (PII)

Cybercriminals are targeting the technology higher education uses to collect and manage information for employees and students. If there is a data breach and personally identifiable information is exposed, cybercriminals advertise it for sale online in criminal marketplaces and publicly accessible forums.  Exposure of personally identifiable information can also result in identity theft. 

What can you do to prevent cybercriminals from attacking Knox or your personal accounts?

  • If you aren't 100 percent certain of the sender’s authenticity, don’t click on attachments or embedded links; both may result in malware being installed. Instead, open a new browser window and type the URL directly into the address bar. Often a phishing website will look identical to the original so check the address bar to confirm the address.
  • Never submit confidential information via forms embedded in or attached to email messages. Senders are often able to track all of the information you enter.
  • Be very wary of emails asking for financial information. Emails reminding you to update your account, requesting to send a wire transfer, or alerting you about a failed transaction can be frightening, and scammers count on the urgency of the message to blind you to the potential fraud and scare you into clicking and responding.. 
  • Be very wary of emails asking for financial information. Phishers will pressure you into providing sensitive information by threatening to disable an account or delay service until you update certain information. DO NOT respond to the email or click on any links. Contact the named sender (merchant, bank, etc.) directly to confirm the authenticity of the request.
  • If you receive a Duo two factor authentication prompt and did not initiate a login, deny the request and report it immediately to ITS. Also, if you receive multiple Duo two factor authentication prompts, don't click Approve out of frustration or annoyance – please report it immediately to ITS.
  • Be suspicious  of social media invitations from people you don't know. 
  • Watch out for generic looking requests for information. Many phishing emails begin with “Dear Sir/Madam.” Some could come from a bank with which we don't even have an account.
  • Ignore emails with typos and misspellings. 
  • To see if the sender is authentic, click on their email address to see if it’s actually from the sending institution. In most, if not all cases, the sender is not from the institution sending the email. 
Knox College

https://www.knox.edu/offices/information-technology-services/cybersecurity

Printed on Friday, February 3, 2023