Hackers can gain unauthorized access, disrupt services like Netflix, Blackboard or email, and even steal and sell your identity, using fake URLs to access to your TU NetID login information. A URL is the address that appears in the text navigation bar across the top of a webpage, and hackers create fake ones to trick you into thinking a website is legit.
Protect yourself and the campus by avoiding fake logins. Look for these three items before entering your NetID username and password:
- A padlock: Confirm this icon appears in the URL bar
- “s” after http. Make sure the URL starts with: https://, not http://
- towson.edu. Ensure you’re logging into a legit TU service when you see this written out before the third forward slash mark. It might be followed by other characters, and that’s ok. An example is the MyTU login page, inside.towson.edu, where the URL is spelled out as https://inside.towson.edu/mytu/myTU.cfm.
Still unsure?
- Contact the OTS Faculty/Staff Help Center or Student Computing Services. If you’ve received the email in a TU email account, they can help determine if a URL is a fake.
- Report the email as phishing. If you’ve received a suspicious email in your TU account asking you to login, click the “Report Phish” button in Outlook from your desktop or laptop, or forward it to phishing@towson.edu from a mobile device.
Remember to keep passwords private. Don’t give them out! No one at TU will ever ask for your password. Be sure to update them frequently using TU’s password guidelines.
Learn more. Visit www.towson.edu/securityawareness and follow OTS’ Office of Information Security (OIS) on Twitter @TowsonInfoSec.
This is week four of National Cybersecurity Awareness Month (NCSAM).