PROTECTING YOURSELF FROM A CYBER ATTACK

By following the guidelines below, you can help protect Mount Royal University and yourself from cyberattacks

Store data on a backed-up drive. Ensure that you store data on H: drive, J: drive or using Google Drive. All of these locations are automatically backed up daily. Do not store data on your desktop or local drive on your computer. If you get a virus you could lose all your data.
Consider any unexpected email suspicious. Do not click on any links or open any attachments in emails that you are not expecting regardless of who they are coming from. If you need to access information from a link or attachment:
  • Phone the sender directly using a number you know is legitimate to confirm the legitimacy of the email.
  • Navigate to the website directly using an URL that you know is legitimate.
Secure your login credentials Ensure your credentials are secure:
  • Don’t share them with anyone for any reason.
  • Memorize them or store them securely in KeePass or a locked cabinet or drawer.
  • Do not use your Mount Royal username or password for sites outside the University.
Secure mobile devices

To ensure your mobile devices are secure:

  • Lock the screen of all mobile devices when they are not being used.
  • Password protect USB keys/flash drives and portable drives.
  • Treat your mobile device as if it were cash. Do not leave it unsecured when it is unattended. Do not leave it in your car.
Consider found portable data storage to be dangerous

If you find a lost USB key/flash drive/CD Rom etc. return it to Campus Security at X200. Do not plug them into your computer as they may contain viruses or malware.

Verify calls from the ITS Service Desk

Legitimate calls from the Service Desk will be accompanied by an email from the Footprints ticketing system. In addition, at no time will the Service Desk ask you to download an application, so they can trouble shoot your computer or ask you for your password. If you suspect a call is not legitimate, politely end the call and dial (403) 440-6000 to contact the Service Desk directly.

Be suspicious of anyone asking for information they should not have or should already know

Cyber attackers use social engineering to gain your trust, so you will give them information they can use to compromise data security. If you are contacted by phone, email or text by an individual asking for information that they should already know, verify their identity using contact information that you know is legitimate. The same is true for anyone asking for confidential information or login credentials.

Your computer may be under attack if it:
  • Is running slower than usual
  • Has web browser settings that have been changed
  • Has pop-up windows open that you cannot close
  • Takes you to websites that you did not ask to visit
  • Has a pop-up warning you that you have a virus

If you suspect that your computer is under attack, unplug the network cable from the back of your computer immediately and contact the Service Desk at (403) 440-6000.