Kansas State University

search

IT News

Category: Cybersecurity

Tips for protecting your devices and personal information

Posted on by Christine Doucette

You use devices like laptops, smartphones, tablets and watches to store sensitive information like your credit card. Protecting and securing that information is important to safeguarding your identity and data.

Here are a few things you can easily do to protect your devices.

Install antivirus software

Antivirus software is your first line of defense. It detects, blocks, and removes viruses and warns about dangerous websites and links.

Use strong passphrases/password manager

Using long, complex and unique passwords is a good way to prevent your account from being hacked. An easy way to keep track of and remember your passwords is by using a password manager. Continue reading “Tips for protecting your devices and personal information”

Antvirus required for all devices connecting to the K-State network

Posted on by Cathy Rodriguez

""Kansas State University is committed to maintaining the highest level of cybersecurity for our community. To strengthen our defenses, all devices connecting to K-State’s network must have antivirus software installed and kept updated.

CrowdStrike is the antivirus solution for university-owned devices. It is not licensed for personal use. For antivirus protection on personally-owned devices, see the options below.

Installing CrowdStrike

CrowdStrike Falcon is automatically installed on all Windows domain-joined computers. For Mac OS systems or specific non-domain-joined Windows machines, you can manually install CrowdStrike Falcon by following these instructions.

Personally-owned devices

Personal-owned devices are still required to use an antivirus solution and keep it updated when connecting to the K-State network. This ensures the safety and integrity of our network and the personal information of all our users.

The following are antivirus solutions for personal use:

  • Windows
    • Windows Defender (built into Windows 10 and Windows 11)
    • Avast Free Antivirus
    • AVG Antivirus Free
  • Mac OS
    • Avast Security for Mac
    • Sophos Home

If you have any questions, contact the IT Service Desk at 800-865-6143 or 785-532-7722 or via Live Chat. For in-person support, come to the IT Service Desk on the second floor of Hale Library.

Protect Yourself from Ransomware: What You Need to Know

Posted on by Cathy Rodriguez

""Ransomware is malicious software that locks your data or your entire device and demands a ransom to unlock it. Cybercriminals may promise to return your files if you pay, but there’s no guarantee they’ll follow through. 

How Does It Spread? 

Ransomware often comes through phishing emails, malicious websites, or infected downloads. You might think you’re clicking a harmless link or attachment, but once you do, the ransomware installs itself and begins encrypting your files. 

At K-State, we’ve seen an increase in phishing attempts targeting students, faculty, and staff. Our Security Intelligence and Operation Center (SIOC) is actively monitoring these threats, but individual vigilance is critical to protect personal and institutional data. 

How Can You Protect Yourself?  Continue reading “Protect Yourself from Ransomware: What You Need to Know”

How to identify CEO fraud

Posted on by Cathy Rodriguez

CEO fraud is when cybercriminals attempt to impersonate senior executives to deceive employees into transferring funds or sensitive information.

These fraudsters target specific employees with personalized emails, usually asking their victims to complete a business activity such as paying a bill. They learn as much as possible about their targets and organization to make the emails more convincing. They can obtain this information from websites and social media sites. For example, LinkedIn provides them with a plethora of information about a target, such as job history, connections with colleagues and even samples of how they write. Continue reading “How to identify CEO fraud”

K-State utilizing geolocation for cybersecurity

Posted on by Christine Doucette

""The internet is an incredible tool for learning and sharing information, but it also poses a cybersecurity threat. To prevent hackers from stealing your personal information, K-State uses geolocation to protect accounts from being compromised by using IP information. If any suspicious activity is detected, the user will receive an email notification with recommendations on the necessary next steps, which may include updating account passwords.

Continue reading “K-State utilizing geolocation for cybersecurity”

Duo: Remember me for 7 days feature

Posted on by Christine Doucette

K-State uses Duo two-factor authentication to keep your personal information safe. This provides a second layer of security for your account by requiring a secondary device to verify your identity. Duo ensures that only authorized users can access your account, even if they know your password. All K-State students, faculty and staff are required to use Duo. Continue reading “Duo: Remember me for 7 days feature”

Spot the scam: how to stay safe online

Posted on by Cathy Rodriguez

""Social media has become a central part of many of our daily lives which makes it a prime target for scammers to carry out their fraudulent activities. One step to protect yourself is by staying aware of their scam tactics such as fraudulent ads, fake giveaways, romance scams and more.

The following are some tips to help you stay safe online:

  • Watch for red flags in messages – Scammers often send messages that look like they’re from someone you know or trust. These messages might ask for personal information, like your password, Social Security number, banking details or try to get you to click on a suspicious link.Be cautious if:
    • You receive unsolicited messages or friend requests from people you don’t know.
    • The message seems urgent or too good to be true.
    • The person asks for money, especially through gift cards or wire transfers.
    • The language or tone doesn’t sound like the person you know.
  • Be suspicious of unverified accounts – Before you trust a profile or page, check for verification. Official accounts often have a verification badge—a blue checkmark on platforms like Facebook or X (formerly Twitter). Scammers sometimes create fake accounts that look almost identical to real ones. Look for these signs of a fake account:
    • The username or handle is slightly off (e.g., extra letters or numbers).
    • The account has few followers or posts.
    • The content is repetitive or copied from other sources.
  • Question unsolicited offers – If you receive an unexpected offer for a prize, job, or investment opportunity, proceed with caution. Scammers often lure victims with promises of easy money or amazing deals.
  • Avoid clicking suspicious links – Links in posts, messages, or ads can lead to harmful websites designed to steal your information. These sites might look like real ones but will ask you to log in or enter sensitive information. Protect yourself by:
    • Hovering over links to see where they actually lead before clicking.
    • Avoiding links that shorten or obscure the real destination.
    • Only logging in to websites by typing the URL directly into your browser.
  • Don’t share too much personal information – Scammers can use your publicly shared information to target you more effectively. Be careful about what you post on your profile and in your posts. Limit the personal details you share, such as:
    • Your phone number, address, or email.
    • Information about your family, like your mother’s maiden name.
    • Details about your daily routines or travel plans.

Stay safe, and think before you click!

Beware of CEO fraud scams

Posted on by Cathy Rodriguez

As part of our ongoing efforts to enhance cybersecurity and protect K-State from potential threats, we would like to bring your attention to the issue of CEO fraud, also known as Business Email Compromise (BEC). Cybercriminals may attempt to impersonate senior executives to deceive employees into transferring funds or sensitive information.

These fraudsters target specific employees with personalized emails, usually asking their victims to complete a business activity such as paying a bill. They learn as much as possible about their targets and organization to make the emails more convincing. They can obtain this information from websites and social media sites. For example, LinkedIn provides them with a plethora of information about a target, such as job history, connections with colleagues and even samples of how they write. Continue reading “Beware of CEO fraud scams”

Phishing Scams: Watch out for job scams

Posted on by Christine Doucette

Are you looking for a job? While looking for a job, be on the lookout for cybercriminals because they are looking for you. At the end of a semester, it is common for cybercriminals to target students, faculty and staff who may be looking for a job.

Cybercriminals will target you with emails “inviting you to interview with their company.” The emails will include a sense of urgency, such as “interview with us now because slots are filling up” or “schedule your interview now before the position is filled.”

Some cybercriminals will ask you to download a particular app or device for the interview. Do not click on any links or download any apps; this is a scam. These malicious apps can install malware on your device and leak personal information. After stealing your information, cybercriminals could use it to impersonate you, commit financial fraud or scam other unsuspecting people via your accounts. Continue reading “Phishing Scams: Watch out for job scams”

Phishing Scam: “URGENT: Suspected Exposure Incident Detected”

Posted on by Christine Doucette

A new phishing scam email has been circulating through several colleges and universities nationwide and even in Kansas. The email’s subject line is “URGENT: Suspected Exposure Incident Detected.” DO NOT fall for this scam. DO NOT click on any links. Immediately delete the email.

The links within the phishing email are cloned to login pages and even ask you for Duo verification. If you fall for this phishing email, immediately change your eID password and report the incident to abuse@k-state.edu.

The “URGENT: Suspected Exposure Incident Detected” phishing scam preys on people’s fear of spreading a contagious virus. The email provides a link to a webpage to determine if you have been in contact with the virus. It is important to note that the scammers send emails from university employees or department heads. Do not fall for this scam.

To learn more about identifying phishing scams, view the Phishing Scams webpage.

Think before you click. More than 90% of successful cyberattacks start with a phishing email. If you receive a suspected phishing email, immediately report the email to abuse@k-state.edu.