Welcome to
Information Security

The Information Security Office at RIT is here to help! We offer resources and assistance to keep the campus community safe and secure from Internet and various other online threats.

Protect yourself from
Phishing

The ongoing evolution of digital communication also brings about the evolution of scammers and their methods. Phishing is one kind of such fraud, in which the attacker masquerades as a reputable individual or group, in order to trick users into revealing their private information. Check out our resources to learn how not be baited and reeled in!

Learn more »

Are you the
Weakest Link

Get information on how to safely remove private information from your devices and stay protected. The chain of security is in your hands.

Learn more »

Guard your
Private Information

The Private Information Management Initiative (PIMI) seeks to identify and reduce the amount of private information found on RIT computers and storage devices.

Learn More »

 
 

RIT Information Security Alert: Your RIT account information Phish

Many RIT faculty, staff, and students have received an email informing recipients that there’s been a database update and they must follow the link and update their account information. The link leads to a spoofed copy of the RIT login page. A copy of the phish is provided below.

 

Sample Phishing Email

From: Rochester Institute of Technology <Sender email address>
Date: Thu, Mar 2, 2017 at 6:01 PM
Subject: Your RIT account information
To: recipient email address

Hello,

Due to a recent update in our database, its is important that you update you account information.... ...

Welcome to Information Security

The website is organized into the following areas:

 

Section Content

Requirements/ Standards

What Faculty, staff, students, and others associated with RIT MUST do to comply with the Information Security Policy and Standards. Information about our standards process and exception process. Proposed standards available for comment.

Job & Employment Scams

We all use the internet to find jobs. However, not all jobs listed are legitimate, even on job boards. (Many job boards allow employers to post jobs directly and administrators of job sites may not catch scam postings immediately.) Does the job sound too good to be true? It may be a scam. These scams can result in identity theft, loss of money, and more.

So, how do you know when you have found a scam? Here are some things to look for, adapted from symplicity™:

Fraud Posting Red Flags

What are fraud posting red flags? Thanks to the many... ...

Multi-Factor Authentication

Enabling multi-factor authentication is one of the best things you can do to make sure your account information is not compromised.  Passwords alone will not always protect you, but using two or more steps to verify you are the account holder will help keep your accounts secure.

Common actions that lead to your password being stolen are:

  • Using the same password on multiple websites.
  • Downloading software from the Internet without verifying its legitimacy.
  • Clicking on links in phishing email messages.

The following is an example of multi-factor authentication on Google.

... ...

Protective Mobile Device Software

One in every five people in the world own a smartphone according to a 2013 report in Business Insider and with the significant growth of smartphone usage, the issues surrounding mobile security have also grown. 

It is more important than ever to arm mobile devices with protective software.  PCs have been the target of malware and virus attacks for years, but recently mobile devices are being targeted more frequently.  Cyber criminals are most often creating malicious programs to gain access to financial information.

The major target for these attacks is Google’s Android operating system due to the rapid expansion and... ...