Woman typing on a laptop in the dark while wearing a mouth and nose mask

Dear Chapman Students, Faculty and Staff,

We would like to commend all of you for how you have been able to support the University and each other during these unprecedented times.

Due to social distancing and shelter-in-place recommendations, we all have increased our online activity both on the personal and professional levels.

Cybercriminals are capitalizing on the uncertainty, hope and need for information surrounding the pandemic.

Google Detected a surge in Corona-virus themed websites (January 149,195 – March 522,49). Many of these websites are setup for phishing. Coronavirus-related scam emails are becoming prevalent.

We are writing to provide you with tips and recommendations for staying safe online:

 

1. Wireless Network Configuration:

Make sure your wireless network is password protected.
An open wireless network (that does not require a password the first time you connect to it) could allow anyone to intercept your internet activity and steal your information.

 

2. Update your Operating System:

Software and operating system patches are released every month.
An unpatched system could allow an attacker to remotely execute commands on your system and exfiltrate information or control your computer.
Make sure you regularly update your Operating System for your Windows or Mac computer.

 

3. Secure your devices:

Make sure you use one of the well-known anti-virus softwares available.

If you are using a windows computer and do not have an anti-virus installed, please make sure that the “Windows Defender” or “Microsoft Security Essentials”(for windows versions older than Windows 8) is installed and up to date.
Use passcodes or passwords for your devices

4. Password or Passphrase?

Use strong, complex passwords. We recommend Passphrases (Ih4v3agreencar@) instead of Passwords (Car@). A weak password can be easily “cracked” – guessed using a computer program.

Change your password regularly, an old password can be already exposed. (haveibeenpwnd.com is a good way to check if your password was part of a third party breach)

Don’t reuse passwords – especially for personal and professional accounts

5. Two Factor authentication:

Sign up for 2 factor authentication at 2fa.chapman.edu

Two factor authentication uses your password and your mobile device to log you in to your network.
If your password gets stolen, an attacker would not be able to login to your account without your mobile device.

We strongly recommend using 2 factor authentication whenever possible.

 

6. Don’t fall for phishing emails:

With the uncertainty surrounding the Pandemic, hackers are banking on all the uncertainty, need for information, hope and fear of the general population.

Please visit:

www.chapman.edu/scams to learn about the trending scams
www.chapman.edu/phishing to familiarize yourself with the characteristics of a malicious email
www.chapman.edu/security to see the latest phishing emails impacting the university

The Federal Trade Commission website offers a wealth of tips on spotting a COVID-19 themed scam: https://www.ftc.gov/coronavirus/scams-consumer-advice

 

7. Zoom bombing:

One of the well-known online conference services, Zoom, has been affected by a security flaw that allowed uninvited participants to join online meetings.

The flaw has since been addressed by improving the security features of the platform.
To learn more how to prevent zoom bombing, please visit:

https://www.chapman.edu/campus-services/information-systems/security/zoom-bombing-prevention.aspx

 

Thank you all for being a great community!
To Report a suspected security incident, please email infosec@chapman.edu.

 

Office of Information Security
Chapman University
infosec@chapman.edu