Digital Identity

  👋 Welcome to Digital Identity! Be Suspicious of Holiday-Themed Emails As this year’s holiday season starts, don’t let your guard down with holiday-themed emails! Cybercriminals often use fake party invitations, charity requests, or travel confirmations to trick you. Always verify links and attachments before clicking—think twice, celebrate safely!

  👋 Welcome to Digital Identity! How to Avoid Scams We warn about scams a lot. There are many out there, from romance scams to Amazon or UPS delivery scams, from Grandparents (or elderly) scams to tech support scams.  While these scams follow different playbooks, they have common red flags that, if you can recognize them, will help you avoid these scams. Never text back if the message was unexpected.  Don’t even tell them they have the wrong number. Hang up and call back.  If you receive an unexpected phone call from a loved one, law enforcement, or someone else claiming authority, hang up and call back through a number from your contacts list or verify through a web search. Have a safe word.  Talk to your family and agree to a safe word or phrase that could be used if someone is distressed during a phone call. If you get an unsettling phone call from a loved one, ask for the safe word. Never post this information online or send it through text or email. Refuse...

  👋 Welcome to Digital Identity! Looking for a Charity? In this season of giving, you might be looking for a reputable charity to donate to. However, many scammers are pretending to be charities that will take your money and do no good with it. Charity Navigator provides free access to data, tools, and resources to guide philanthropic decision-making. Using a tool like Charity Navigator can help you ensure that your donations are going to a legitimate charity, keeping you, your data, and your money safe from scammers this holiday season.

    👋 Welcome to Digital Identity! Don’t know it? Don’t trust it! When shopping online, stick to trusted sources and known retailers. Avoid visiting random or suspicious websites. Choose established e-commerce platforms and stores with a track record of reliability. If you need to check on shipping and delivery updates, you can go back to the trusted site to review those and dismiss any phony alerts you may receive. Protect your new gadgets Getting a new gadget is always exciting, but it’s important to be smart about how you use it. Hackers know about Internet of Things (IoT) devices and how to access them. Be sure to follow best practices when firing up these new toys. Change the default password, check all security settings, disable any unnecessary permissions, and keep it up to date to safely enjoy your devices

   👋 Welcome to Digital Identity! Secure your gift cards Be cautious when websites or vendors insist on payment through gift cards. Scammers often prefer this method, as it’s difficult to trace and recover gift card funds. Legitimate sellers should accept conventional payment methods. If you are only given the option of using a gift card, stop the payment process and find a different website to shop from!

   👋 Welcome to Digital Identity! Invite Cybersecurity to Your Holiday Gatherings There’s always so much to remember around the holiday season, and it’s all very important. But one item you don’t want to forget is cybersecurity. This holiday season, keep cybersecurity at the forefront of your mind while you are scouring the web for deals, wrapping goodies, and supporting your community. These simple reminders will help you keep your data safe and make your holidays happy. Too good to be true Online ads and tempting deals can be enticing, but they can also be traps. Beware of offers that seem too good to be true. Hackers place advertisements all over, even on social media, and those links could lead you right into a holiday data-stealing trap! Stick to well-known, reputable websites and sellers.

  👋 Welcome to Digital Identity! Stick to Approved Sources for Software When it’s time to download a web browser or any common application or software, always use approved software libraries like SCCM or Company Portal for Windows, or Self Service for Apple devices. These trusted sources ensure you get legitimate, up-to-date software without hidden malware or vulnerabilities. Avoid clicking on links from unknown websites—what looks like a harmless download could be a trap. Downloads from webpages often include other software you don’t want or need. Protect your system and data by keeping it clean, secure, and sourced from reliable repositories.

   👋 Welcome to Digital Identity! Holiday Shopping How did it get to be the middle of November already? Have you started your holiday shopping yet?  Feeling just a little bit panicked? Unfortunately, this time of year is when scammers will attempt to lure you into clicking on links for "too good to be true" deals, visiting unsecured websites, and stealing your hard-earned money. Here are some tips for staying safe while shopping online.  Shop on Secure Websites:  Look for URLs that start with "https://". However, know that scammers will build websites that have these security features, so don't just stop here! Use Strong Passwords:  Create unique, strong passwords for your shopping accounts and enable multi-factor authentication (MFA) where possible. Avoid Public Wi-Fi:  Refrain from making purchases over public Wi-Fi networks, which can be less secure. If necessary, use a VPN to encrypt your connection. Monitor Your Accounts:  Regularly check yo...

  👋 Welcome to Digital Identity! Beware of Credential Phishing Credential phishing is a cyberattack where scammers trick you into revealing your login credentials, such as usernames (NetID) and passwords. These attacks typically come in the form of fake emails, text messages, or websites designed to look legitimate. These scams have increased over 700% in the second half of 2024.  Why Should You Care? If attackers gain access to your credentials, they can: Steal sensitive information:  Access your email, bank accounts, or UTHSC systems. Compromise your identity:  Impersonate you to commit fraud or target others. Gain more access to your lif e: If you use the same password across multiple accounts, scammers will try those same email and password combinations on other platforms. This is called  Credential Stuffin g.

  👋 Welcome to Digital Identity! Protect Yourself from Credential Stuffing Last week's tip about Credential Phishing mentioned Credential Stuffing. This type of cyber attack takes username/password pairs, or "credentials" from past data breaches, and attempts to use that same pair to gain access to other accounts for that user.  To stay safe: Use unique passwords  for every account. Enable multi-factor authentication (MFA)  wherever possible. Monitor for suspicious logins  and unauthorized activity. Consider a password manager  to generate and store strong, unique passwords. Reusing passwords makes you an easy target. Stay one step ahead by keeping your credentials secure!

     👋 Welcome to Digital Identity! Securing Smart Home Devices Maybe your home has a doorbell camera, or a thermostat you can adjust via an app. Maybe you have a baby monitor you can check from anywhere, or an over you can turn on when not at home. These smart home devices are internet-connected devices and appliances designed to make our homes more efficient, comfortable and sometimes even more secure. However, this convenience also comes with risks if not properly secured. When hacked, intruders can access your personal information, spy on your daily activities, and even control the physical devices inside your home.  To keep your smart home devices secure, follow these essential tips: Change Default Passwords:  Always change the default passwords on your devices to strong, unique passwords. Enable Two-Factor Authentication (2FA):  Use 2FA where available to add an extra layer of security. Keep Software Updated:  Regularly update the firmware ...

    👋 Welcome to Digital Identity! Smishing: Text Messaging Scams - What You Need To Know Just like phishing emails, "smishing" attacks use deceptive tactics to trick people into revealing personal or financial information or downloading malicious software. But instead of targeting inboxes, these scams arrive via text message. How Smishing Attacks Work: Spoofed Numbers:  Scammers often use spoofed phone numbers to make it appear as though the message is from a legitimate source, like your bank or a delivery service. Urgent Messages:  Smishing attacks often create a sense of urgency, urging you to click on a link or take immediate action. Shortened Links:  Be wary of links that are shortened using services like bit.ly or goo.gl. These links can mask the true destination of the website. Requests for Personal Information:  Scammers may ask for your Social Security number, bank account details, or other sensitive information. How to Protect Yourself: Be Skepti...

   👋 Welcome to Digital Identity! Beware of Malware-Injected CAPTCHA pages Captcha (Completely Automated Public Turing test to tell Computers and Humans Apart) is a security measure verifying a user is human and not a computer. You've seen these boxes you need to click to confirm "I am not a robot".  However, Cybercriminals increasingly use fake Captcha pages to trick users into downloading malware. These deceptive pages often appear when visiting compromised websites or through phishing links. They may prompt you to download a supposed "verification" file—often laced with malware. What to watch for: Unusual Captcha behavior - real Captchas don't ask you to download files. If one does, it's a scam.  Mismatched branding - look for inconsistencies in logos, fonts, or URLs or webpage structures. Unexpected redirects - if Captcha leads you to a random download, exit immediately. By staying vigilant and following these tips, you can protect yourself from fal...

  👋 Welcome to Digital Identity! Beware of Phishing Emails from Local Organizations Phishing is a deceptive technique cybercriminals use to trick individuals into revealing sensitive information, such as login credentials, or installing malware on their devices. Sometimes they come from local businesses or organizations. These emails can be especially convincing because they exploit the trust and familiarity people have with these entities.

  👋 Welcome to Digital Identity! Be Cautious Downloading "Free" PDF Software Some, like Smart PDF Pro, may come bundled with potentially unwanted programs (PUPs) such as the OneStart.ai browser, which can hijack your search engine, track browsing habits, and degrade system performance. Many of these issues arise when users download such software while working remotely, where our firewall can’t block these unwanted programs. Instead of risky free tools, remember that UT provides licensed Adobe software that is already paid for and safe to use. Always download software from trusted sources, read installation prompts carefully, and use reputable antivirus software to detect and block PUPs

  👋 Welcome to Digital Identity! Protecting Your Smartphone from Scams Have you gotten a text about an undelivered Amazon package? How about one from UPS? Smartphones are increasingly becoming targets for scams due to their widespread use and the sensitive information they contain. Be cautious of phishing texts (smishing), fake apps, and suspicious links sent via SMS or messaging apps. Never click on unknown links, and always verify the sender. Enable two-factor authentication (2FA) and keep your device updated to stay protected. By following these steps, you can help safeguard your smartphone against potential scams and keep your personal information secure. Stay vigilant!

  👋 Welcome to Digital Identity! Using AI Applications and Data Privacy As AI applications become more integrated into our daily activities, it’s crucial to be mindful of data privacy. Here are some tips to protect your data when using AI technologies: Limit Data Sharing:  Be cautious about the data you input into AI applications and avoid sharing sensitive information unnecessarily. Know your Data Classification:  never put sensitive or protected data into a public generative AI tool; even be very cautious of what you input into a private tool. You might know how un-private it could be.  Understand Permissions:  Review the permissions requested by AI applications and ensure they are necessary for the app’s functionality. Stay Informed:  Keep up-to-date with best practices for data privacy and AI usage. Use Trusted Sources:  Only download AI applications from reputable sources to reduce the risk of data breaches.

   👋 Welcome to Digital Identity! Beware of Unverified QR Codes Think before you scan  cybercriminals can create fake QR codes that lead to malicious websites, steal your data, or install malware on your device. Only scan codes from trusted sources, and always preview the link before opening it. Stay smart, stay safe!

  👋 Welcome to Digital Identity! Understanding and Spotting Deepfakes Deepfakes are synthetic media—usually videos or audio—created using AI to mimic real people’s faces, voices, or actions. They're a growing cybersecurity concern because they can be used for impersonation, fraud, or spreading misinformation. To spot a deepfake, look for unnatural facial movements, inconsistent lighting, mismatched audio and lip-sync, or strange blinking patterns. Always verify suspicious content from a trusted source before believing or sharing it.

  👋 Welcome to Digital Identity! Be Careful When Signing Into Apps With Social Media Accounts Avoid using your social media accounts (like Facebook or Google) to sign into apps or websites. While it's convenient, it creates a single point of failure — if that social account is ever hacked, every connected app could be compromised too. Another issue is information sharing between that app and your social media account. This might include your name, email address, friends list, and even your likes and interests. This should be a privacy concern for you.  Instead of using these social media accounts, create separate logins with strong, unique passwords to reduce risk and better control your information

  👋 Welcome to Digital Identity! Backup Your Data:  Regularly back up important data to a secure location, such as an external hard drive or cloud storage, to prevent data loss in case of an attack. Beware of Phishing Scams:  Be cautious of unsolicited emails, messages, or links that ask for personal information. Verify the source before clicking on any links.

    👋 Welcome to Digital Identity! Install Security Software:  Use reputable antivirus and anti-malware software to protect against threats. Be Cautious with Public Wi-Fi:  Avoid accessing sensitive information over public Wi-Fi networks. Use a VPN (Virtual Private Network) for a secure connection.

   👋 Welcome to Digital Identity! Enable Two-Factor Authentication (2FA) : Enabling 2FA on your accounts adds an extra layer of security. This requires a second form of verification, such as a code sent to your phone. Keep Software Updated:  Regularly update your device’s operating system and applications to patch any security vulnerabilities.

  👋 Welcome to Digital Identity! Protecting Your Personal Devices While most of these tips are to protect UT Health Science Center and our assets, we do care about your personal devices and their protection. To keep your personal devices secure, follow these essential tips: Use Strong Passwords:   Create unique and complex passwords for each device and account. Avoid using easily guessable information like birthdays or common words.

   👋 Welcome to Digital Identity! Importance of Backing Up Your Data Data loss can happen unexpectedly through hardware failure, accidental deletion, malware attacks like ransomware, or even natural disasters. Backing up your data ensures you can recover important files, avoid paying ransoms, and maintain business continuity. Why It Matters: Ransomware can lock you out of your data. Without a backup, you could lose everything. Regular backups act as your safety net, allowing you to restore files without depending on hackers or luck

  👋 Welcome to Digital Identity! Texting Scams  On the Rise Scams received via text, or SMS messaging, are called smishing. This type of scam is on the rise as cybercriminals increasingly use text messages to trick individuals into revealing sensitive information or clicking malicious links. 

  👋 Welcome to Digital Identity! Protect All Your Personal Information When it comes to cybersecurity, protecting more than just your passwords and credit card details is crucial. Every piece of personal information—like your address, date of birth, or even seemingly harmless details such as your pet’s name—can be compiled by cybercriminals to commit identity theft or other malicious activities. Why It Matters: Identity Theft:  Hackers can use multiple data points to impersonate you and access sensitive accounts. Social Engineering:  Even small details can be exploited to manipulate you or others into revealing more critical information. Targeted Scams:  Personalized scams become easier when criminals know more about you. How to Stay Safe: Limit Sharing:  Be cautious about sharing personal details online, especially on social media. Use Privacy Settings:  Adjust privacy settings on your accounts to restrict who can see your information. Be Skeptical: ...

   👋 Welcome to Digital Identity! Think Before Your Click - Even on Prime Day Always verify the sender before trusting an email or social media post. Cybercriminals often impersonate trusted brands like Amazon, especially around major events like Prime Day. A post or email may look like it's from Amazon, but on closer inspection, the sender’s address or URL might reveal it’s actually from a third-party scammer trying to steal your personal information.

  👋 Welcome to Digital Identity! Double-Check Login Pages Phishing attempts often disguise themselves as legitimate university login portals. Attackers may send emails or texts with urgent messages, like “Your account will be locked” or “Verify your information now”, leading to a fake login page that looks nearly identical to the real one. Before entering your credentials, always look closely at the web address. Official UT systems will use our institution’s domain (such as *.edu) and should show a secure connection (https://). Never log in from an unexpected link in an email or message

   👋 Welcome to Digital Identity! Helping Older Adults Stay Safe Online Did you know that older adults are the most frequently targeted group for online scams and lose billions each year? Staying safe online doesn’t require being a computer expert. Simple steps like creating strong passwords, spotting scams early, and keeping devices updated can make a big difference. The National Cybersecurity Alliance has created a free workbook with clear, practical advice, no scare tactics or tech jargon. It’s designed to help older adults (and those who support them) build good online habits and avoid common scams. Access the workbook and resources  here . Whether you use these tools for yourself, a parent, or a friend, you’ll gain confidence to enjoy the internet safely.