E-mail scams designed to collect social security and bank account numbers are among the current threats to computer security outlined in a new awareness campaign at the University of Colorado at Boulder.
CU-Boulder Information Technology Services has begun a yearlong educational effort focusing on computer security and will address a specific topic each month. Organizers are focusing on privacy and identity-theft issues during February.
Campus ITS experts said that in most cases, computer security is all about what you do rather than what you buy.
"Hackers, identity thieves, scammers and online criminals are becoming increasingly sophisticated," said Dan Jones, CU-Boulder IT security coordinator. "That means computer users need to be equally adept at fending them off. Not only is computer security something everyone can master, it's something anyone who uses the Internet must master."
Jones said that at the moment "fishing attacks" are common. "In this scam, the user receives an e-mail message from what appears to be a bank," said Jones. "The message says something to the effect, 'Your bank account has been suspended. Please confirm your account by following this link.' The user follows a link to a phony bank Web site that appears official and it requests account numbers and a social security number," he said.
During the educational campaign, CU-Boulder students, faculty and staff will receive messages about computer security tips and tricks, and will be able to take part in interactive educational sessions.
"In the physical world, it used to be that you knew which dark alleys or bad neighborhoods to avoid," said Jones. "Today, the Internet, with all its benefits, has also brought the dark alleyways to your computer. As such, it takes much more vigilance to protect your privacy and your money from would-be criminals."
Dennis Maloney, ITS executive director, said through the campaign, "We aim to help the campus community better understand the dangers that lurk online and how to combat them and, ultimately, encourage a healthy dose of skepticism and common sense about Internet resources."
The ITS education campaign continues in March on the topic of spyware. The March through December monthly topics, in order, are: spyware, safe e-mail and online practices, safe and strong passwords, securing machines, antivirus software, vulnerability patching, wireless access, policies, worms and viruses, and virtual private networking.
For updated information about the computer security campaign, including resources on a variety of computer security topics, please visit the IT Security Web site at and click on the IT Security logo. From this site, which caters to all levels of expertise, computer users can find out more about each month's topic, and get current news on viruses, worms and other IT threats.