After a long winter, spring is finally here! Consider taking a few minutes to spring clean your digital life:

▪ Online Accounts: Your online accounts like email, social networks, organizations, shopping websites, cloud storage, etc. can collect clutter. Take a few moments to remove/close unneeded accounts. Make sure to use unique and secure passwords for each account.
▪ Email Accounts: Review, archive, file and delete unnecessary emails. We also recommend that you empty your trash folder, and unsubscribe to recurring emails that no longer interest you.
▪ Social Media: It is a good idea to periodically review your security settings and connections.
▪ Devices: Smartphones, tablets, laptops and computers make our lives so much easier. Consider removing unused apps and clear out any downloads you aren’t using anymore. Make sure your device requires a password, pin, or fingerprint to log in.
▪ Web Browser Settings: Many browsers can store your passwords or autofill settings. Take a few minutes to check your browser settings, clear out old data, and ensure your browser’s security settings are still keeping you safe.

April cybersecurity newsletter: Digital Spring Cleaning. University of Nebraska Omaha. (2018, January 23). Retrieved April 22, 2022, from https://www.unomaha.edu/news/2017/04/april-cybersecurity-newsletter.php

As the tax season nears, we would like to remind everyone to stay vigilant and to protect your personal and financial information.

The IRS offers the following guidance to identify and avoid scams:

• Text message scams: Text message phishing—also called “smishing”—occurs when scam artists use deceptive text messages to lure consumers into providing their personal or financial information. During tax season, scams are sent to taxpayers’ smartphones and have referenced COVID-19 and/or “stimulus payments.” These messages often contain bogus links. The IRS does not use text messages to discuss personal tax issues.
• Email phishing scams: Email Phishing scams use fake websites constructed to look identical to real sites. The IRS does not initiate contact with taxpayers by email to request personal or financial information. The IRS initiates most contacts through regular mail delivered by the United States Postal Service.
• Phone scams: Criminals can fake or “spoof” caller ID numbers to appear to be anywhere in the country, including from an IRS office.
  The IRS does not leave pre-recorded, urgent or threatening messages. In many variations of the phone scam, victims are told if they do not call back, a warrant will be issued for their arrest.

Adapted from “IRS Warning: Scammers Work Year-Round; Stay Vigilant | Internal Revenue Service.” Www.irs.gov, Internal Revenue Service, 1 Feb. 2022, www.irs.gov/newsroom/irs-warning-scammers-work-year-round-stay-vigilant. Accessed 11 Feb. 2022.

Zoom has announced a security update for the Zoom client on all major devices (Mac, PC, iPhone, Android, etc.). The latest version (released on November 28, 2021 version 5.8.6) of the Zoom software patches a vulnerability.

We recommend that all Zoom users check for a software update anywhere Zoom is installed. Any client below 5.8.4 must be upgraded.

How To Update Zoom

Zoom provides a pop-up notification when there is a new mandatory or optional update within 24 hours of logging in.
If you already have the Zoom desktop client installed:
* Sign in to the Zoom desktop client (type Zoom in the Search bar on a PC, and Launchpad or Finder>Applications on a Mac)
* Click your profile picture
* Click Check for Updates
* Follow the prompts to complete the update

On a mobile device, check the app store for updates.

Duo Security, the University’s two-factor authentication provider, has recently updated the user interface for the mobile app for Android and iOS. Depending on your device settings, your mobile app will automatically update or you will need to manually initiate the update.

What is different?

People who are already using Duo’s mobile app will notice a new look and feel. Other notable differences include:

• Approve Button Moved to the Right: In the new version (4.0.0) the approve checkmark button will be on the right.
• Hidden Passcode: the passcode will be hidden until you click “show.” This change is intended to improve information security by enabling you to make sure that your mobile device screen cannot be seen by others when the passcode appears.

New Phone?

The University of Scranton’s Division of IT is currently deploying Cylance Endpoint Detection and Response (EDR) to all University laptops and desktops. As of this writing, Cylance EDR has been deployed to 417 Windows and 23 Mac endpoints. Over 21 million files have been scanned and 61 files have been quarantined as threats. In addition, over 500 alerts have been generated regarding suspect endpoint behavior, with the majority being low severity.

Deployment to Staff endpoints began in January and will continue over the next several months. Installation of Faculty endpoints will begin after the end of the spring semester.

Cylance EDR is an AI-driven platform that strengthens, automates and streamlines overall endpoint security. Cylance’s EDR capabilities allow us to protect assets from modern cyber and malware attacks. It detects and mitigates highly advanced security threats as they emerge in real-time.

If you have any questions, please contact the Technology Support Center at 570-941-4357 or techsupport@scranton.edu

2020 saw a major disruption in the way many work, learn, and socialize online. Our first cybersecurity video focuses on steps users can take to protect internet connected devices for professional use.