Best Practice #1 - Change your passwords periodically
If you believe that you were the victim of a phishing scam, you should change your password immediately! Doing so will prevent the criminals from accessing your account. Even if you weren't the victim of a phishing scam, it's a good idea to change your passwords periodically anyway.
Best Practice #2 - Create secure passwords
Your passwords should contain a MINIMUM of 8 letters or numbers. The longer the password the better. Avoid creating passwords that have information that can be associated with you in some way (e.g. names of pets, names of children, social security numbers). Try using a pass phrase instead of a password (e.g. "ILoveBostonCreamDonuts").
Best Practice #3 - Don't use the same password for everything
Many people use the same password for everything, which is extremely insecure. Think about it - if a hacker obtains your Buffalo State password, they won't just try and access your Buffalo State accounts. They'll also try to use these same credentials to access more lucrative sites, like an online bank account or a shopping website that might have your credit card information stored. By using different passwords for different sites, you limit the hacker to only "unlocking one door" if a password is stolen, rather than "unlocking all the doors."
Best Practice #4 - Don't use your ADS email address to register for outside services
We recommend against using your ADS email address to sign-up for outside services such as shopping, Dropbox, filesharing, or social media accounts.
Best Practice #5 - Avoid phishing scams
If you receive an email that looks suspicious, here are some things to help you determine if the message is legitimate or spam:
- Examine the spelling and grammar. Phishing emails typically have misspelled words and poor grammar.
- Examine any hyperlinks in the message by hovering your mouse over them (without clicking). If the URL of the link doesn't match the description of the link, it might be leading you to a phishing site.
- If the message is making threats - "failure to upgrade your email account will lead to the closure of your email account" - it's spam!
- If the message is asking for personal information (e.g. SSN, password) it's spam!
When in doubt, just use your cofense phishing reporting Outlook plugin:
