IT Security Services

CTS provides a range of information security services for Cypress College, including:

  • Spam and Phish Filtering of All Cypress College Email
  • College Firewall Management
  • College VPN Management
  • College Wireless Security
  • Server and Endpoint Vulnerability Assessment and Management
  • Web Application Security Assessments and Remediation
  • Digital Forensics
  • Information Risk Assessments
  • Security Policies, Guidelines, and Best Practices Development
  • PCI-DSS Compliant Credit Card Processing Environment for Cypress College
  • Network Monitoring, Intrusion Detection, and Incident Responses
  • Management of Cypress Enterprise Accounts
  • Automated Scanning of Servers and Web applications

2019 Cyber Security Month

Week 3 Activities

Week 2 Activities

October is Cyber-Security month, and Cypress College is embarking on a month of activities to bring about security awareness for our campus community. As our world transitions to a new digital age, information has become significantly easier to access. Unfortunately, such ease has empowered malicious entities to exploit the privacy of both individuals and organizations like ours.

The Technology Services Office, the Business Division, and the Office of Campus Communications are excited to announce the launch of Charger Secure, the new Cypress College information security awareness program to help combat this threat. The Charger Secure program is focused on equipping Cypress College students, staff, and faculty with the knowledge to better protect personal and Cypress data from information security threats.

We encourage you to engage with the Charger Secure program and thank you for your commitment to information security at Cypress College.

Week 1 Activities

Email Scams, Spam, and Phishing

Email Scams and Recognizing them:

Phishing attempts have become more sophisticated with increased quality of imitating a genuine email. Be aware of these warning signs:

  • The message is unsolicited and asks you to update, confirm, or reveal personal identity information (e.g., SSN, account numbers, passwords, protected health information).
  • The message creates a sense of urgency.
  • The message has an unusual “From” address or an unusual “Reply-To” address.
  • The (malicious) website URL doesn’t match the name of the institution that it allegedly represents.
  • The message is not personalized. Valid messages from banks and other legitimate sources usually refer to you by name.
  • The message contains grammatical errors.

What is Email Spam and Phishing?

Email spam are messages sent to many people, often simultaneously, that either contain web links to Internet websites that host malware or contain executable malware within the message designed to infect the computer when opened. These messages are also called junk e-mail.

Phishing is the term for messages sent to individuals via email or text message with the intent to fool unsuspecting recipients into providing personal information, such as usernames, passwords, and financial account information.  They often employ social engineering tactics by creating messages that appear to be legitimate. These messages can also lure individuals to malware-hosting websites.

Spear phishing differs from phishing in that it targets a specific department, division or college, seeking unauthorized access to protected information.  These messages allegedly come from IT support staff or other professionals in a position of authority from within the targeted department, division or college.  As with phishing, these emails will attempt to trick users into divulging personal or financial information, their credentials, or entice them into clicking on a link that could install malware on the computer.

Phishing Email Do’s and Don’ts:

  • DO look for a digital signature/certificate as another level of assurance that senders are legitimate.
  • DO use common sense. If you have any doubts, DON’T respond. Contact the Cypress Help Desk at 47157 if you have any questions.
  • DON’T open email that you have any suspicion may not be legitimate.  If it is legitimate and the individual trying to contact you needs to, they will try other means.
  • DON’T ever send credit card or other sensitive information via email.
  • DON’T open email or attachments from unknown sources. Many viruses arrive as executable files that are harmless until you start running them.

For more information visit our Academic Computing website, Spam and Phishing alerts page where you can see examples of messages received by the campus.

External Resources:

  1. Anti-Phishing Working Group
  2. gov
  3. PhishTank