Common Security Threats

About Common Security Threats

The Internet is riddled with e-mail and phishing scams, hoaxes, fake Web sites, spam and a sundry of schemes that hackers and identity thieves conjure up to spread mayhem across the Internet or to trick people into revealing bank account and credit card numbers, Social Security numbers, and other confidential information. Below are some common security threats and how to best defend against them. 

On This Page


Scams and Hoaxes

Chain letters, email, phishing scams and hoaxes clog the network, clutter mailboxes and waste University computing resources. Some contain malware and viruses that can compromise personal computers (including Macs) and Syracuse University networks. Compromised machines found on the Syracuse University Network will require a complete reinstallation of the operating system.

For the best defense:

  • Always be wary of unsolicited e-mail, even if you think you recognize the sender. E-mail addresses are often "spoofed" by spammers and hackers.
  • Never open attachments that are connected to these e-mail hoaxes.
  • Never click on the embedded Web links in these e-mail hoaxes.
  • Never redistribute e-mail chain letters and other hoaxes across the University network.
  • Delete the e-mail.
  • When in doubt, e-mail ITsecurity@listserv.syr.edu or call the ITS Help Desk at 443-2677.

Additional information about phishing specifically can be found on the Phishing and Suspicious Email page. If you've interacted with (entered username/password) or gave personal information in response to a phishing email or on a suspicious webpage, your account may be compromised. Follow the instructions on our Got Phished! Now what?


Spyware

Spyware is programming that is secretly installed on personal computers when owners surf the Internet; arbitrarily download files, programs and other materials from the Internet; and click on e-mail attachments that are attached to spam and other unsolicited e-mail. Spyware can be attached or embedded in third-party applications, mobile apps, and even browser extensions. 

Spyware collects information about user web or device activity. Spyware can also monitor your keystrokes, scan your computer files, snoop your chat programs, read your cookies, change your default homepage, change your default Web browser, interfere with your ability to access the Internet, and report all of the information it gathers about you to the spyware's author.

Spyware can interfere with your computer's normal operation, causing system slowdown, illegal operation errors, browser crashes, and even cause hardware failures. 

For the best defense: 


QR Codes

Quick Response codes (or QR codes) is a type of matrix code easily readable by machines. Originally designed for the automotive industry it has gained popularity due to fast readability and greater storage capacity compared to other bar code standards (like UPC etc.). It typically contains of black modules in square grid on a white background, which can be read by an imaging device (such as a camera) and processed using simple decoders.

One of the most popular implementation of QR codes is consumer advertising as a user can just scan the code with their phone and it will take them to the website. QR codes provide quick and effortless way to direct a consumer to the brands website and therefore the consumer will be more inclined to purchase something or at least see the sale. QR codes can be used with Android, Blackberry and Apple iOS devices.

There are some risks to QR codes that can endanger the user’s contents of their phone and put their privacy at risk. The practice of cybercriminals manipulating QR codes for fraudulent use is known as “attagging”, a combination of “attack tagging”.

Malicious QR codes are easily created and the risks of scanning them for a user include linking to a malicious website, enabling GPS/camera/microphone, analysis of files/contacts/passwords, and sending email/text messages without consent.

For the best defense:

  • Be cautious when scanning QR codes unless you know the source
  • Avoid QR codes found in public or immediately redirect you somewhere unfamiliar
  • Close and clear your browser sessions in any cases of suspected malicious codes
  • Review any download activity if not directly tied to intended based on the QR code details or use
  • In some cases, it is just best to type the URL into your browser as it is much safer


Additional Links and Information



Need Help?
Contact the ITS Help Desk at help@syr.edu or by calling 315-443-2677.