In May, Korine Ohiri clicked on a link in an email from a trusted colleague. She thought the link was related to signing up for an upcoming event.
“It was convincing,” said Ohiri, a Ph.D. candidate in Mechanical Engineering and Materials Science at Pratt School of Engineering.
Unbeknownst to her, the link was part of a massive phishing attack designed to compromise accounts, and it affected more than one million people around the world.
But Ohiri did not fall victim because she didn’t follow the bogus steps after clicking the bad link, and she quickly reported the incident to the Office of Information Technology and IT Security Office. After reviewing her account, the IT Security Office gave her the all clear, and Ohiri changed her email password for protection.
“I figured better safe than sorry,” she said.
Ohiri’s proactive approach is atypical when you consider a recent Pew Research Center report that shows a lack of understanding about basic cybersecurity issues in America. According to the 2017 report, a majority of Americans have personally experienced a “major data breach” and most keep track of online passwords by either memorizing them or writing them down.
“We see examples every day where attackers attempt to gain access to Duke accounts or computers, or to ‘cloud’ services such as Google, Dropbox or banking institutions,” said Richard Biever, Duke’s chief information security officer. “Partnership between Duke’s IT Security office and our faculty, staff and students have played a big part in our ability to shut down phishing attacks against Duke.”
As part of National Cybersecurity Awareness Month in October, Duke's IT Security office invites Duke staff, faculty and students to learn about cybersecurity best practices and to take a security quiz for a chance at an Apple Watch Series 3.
Throughout October, Duke’s IT security offices will share tips and resources to help staff, faculty and students protect their digital security.
Cathy Hubbs, chief information security officer at American University, will be a featured speaker on Oct. 11, talking about cybersecurity today (including the recent Equifax breach), as well as barriers and opportunities faced by women in IT security.
In addition, Duke IT staff will present two Learn IT @ Lunch sessions and will be available at various on-campus events giving away fidget spinners, webcam covers and other freebies.
See the full schedule of events.