Protect Your Personal Information
Protect your Information
Personal information is valuable to a thief: it can provide access to your financial records and other personal assets, and can lead to identity theft. The best way to protect your personal information is to never give it out on a web site; however, that is not always practical. You may use the Internet to shop, do your banking or obtain services and information. These activities may require you to provide some personal information.
The next best thing is to minimize and protect the information you provide. This can be done by:
- Use a strong password.
- Read web site privacy policies or statements before submitting any personal information. Find out how this information will be used and protected.
- Refuse some or all of the cookies a web site offers you.
- Do not download free software offers. Contact the IT helpdesk if you require additional software.
- Always make sure that you are using a secure, encrypted web connection when conducting any sensitive Internet transaction, such as Internet purchases or online banking.
- Don't open any unsolicited or unknown email messages.
- Do not right-click to download pictures in unsolicited email. This is a common method for spammers to confirm your email address.
- If you receive email from someone internally that seems out of character, check with the sender prior to opening the email.
- If you receive suspicious email or happen to inadvertently download something of questionable content such as a video clip, contact the IT Helpdesk. ITS can check the email header information and possibly determine the source.
- Do not send personal information via email because email is NOT a secure transmission method.
- Know who you are dealing with, and be aware of fraudulent techniques such as Phishing and Pharming.
- If you have sensitive data, consider encrypting it:
  - Windows® XP has a built-in file and folder encryption feature
  - Please see Microsoft's® web page 'Help keep your data safe' for more information
Phishing and Pharming
What is Phishing?
In computing, phishing is an attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official email. Banking information has been a common target. The From: address is spoofed to appear to come from the real company. (Virus writers also use spoofed return addresses.) A frequent ploy in phishing is to ask that you update or verify your account information. These messages also usually include some sort of threat, such as a deadline, to encourage you to respond. Most Canadian banks have information posted on their web sites advising that they would never send emails requesting this type of information.
What is Pharming?
Pharming is when hackers redirect you from a legitimate web site (such as a bank site) to an identical-looking site in order to trick you into entering your user information.
Ways to Recognize Phishing (Spoofed) Emails
- Generic Greeting - the email starts with a general greeting (Dear Valued Customer) or uses your username (Dear SmithJ)
- A false sense of urgency in responding to the email - such as a threat that your account will be closed or access will be denied
- Misspellings or bad grammar
- Unsafe sites - they direct you to a look-alike 'secure' web site, but the URL does not include https: and/or the lock symbol in the bottom left corner
- The address looks odd - for example, http://82.4.2.258/www.paypal.com instead of the legitimate https://www.paypal.com
- Pop-Up boxes in email - these are not safe and are not used by legitimate companies
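The sketch below turns several of the indicators in this list (generic greeting, urgency wording, a link without https, and an odd address with a familiar name in its path) into automated checks over a message body. It is an added example, not part of the original page; the function names, phrase patterns and sample message are constructed for illustration, and the username greeting, spelling and pop-up indicators are not covered.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed patterns (assumptions); the two quoted phrases come from the page's list.
GREETING = re.compile(r"^\s*dear\s+(valued\s+)?(customer|member|user)\b", re.I | re.M)
URGENCY = re.compile(r"account will be closed|access will be denied", re.I)
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)
# A domain-like token sitting in the URL path, e.g. /www.paypal.com
DOMAIN_IN_PATH = re.compile(r"/(?:www\.)?([a-z0-9-]+\.(?:com|ca|org|net))\b", re.I)

def host_is_numeric(host):
    """True for IP-literal hosts, including malformed quads like 82.4.2.258."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return bool(re.fullmatch(r"\d+(\.\d+){3}", host))

def check_url(url):
    """Return the page's link indicators that one URL triggers."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    flags = []
    if parts.scheme.lower() != "https":
        flags.append("no-https")
    if host_is_numeric(host):
        flags.append("numeric-host")
    m = DOMAIN_IN_PATH.search(parts.path)
    if m:
        domain = m.group(1).lower()
        # The familiar name is in the path, but the real host is something else.
        if host != domain and not host.endswith("." + domain):
            flags.append("domain-in-path")
    return flags

def check_message(body):
    """Collect every indicator found in a message body, sorted by name."""
    flags = set()
    if GREETING.search(body):
        flags.add("generic-greeting")
    if URGENCY.search(body):
        flags.add("urgency")
    for url in URL_RE.findall(body):
        flags.update(check_url(url))
    return sorted(flags)

# Constructed sample message; the link is the odd address quoted in the list above.
SAMPLE = ("Dear Valued Customer,\n"
          "Your account will be closed unless you verify your details:\n"
          "http://82.4.2.258/www.paypal.com\n")
```

A message that triggers none of these checks is not thereby safe; the flags only mirror the indicators listed above.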
More details on Phishing and Pharming can be viewed here:
The Anti-Phishing web site:
http://www.antiphishing.org/
ING Direct has a fairly complete one-page guide to online banking security:
http://www.ingdirect.ca/en/security/index.html
National Cyber Security Alliance has a very complete guide as well:
http://www.staysafeonline.org/tools-resources/know-who-youre-dealing-online
Physical Security for your Laptop and Computer
You can minimize the access other people have to your information by practicing good security habits.
Laptops and Computers - General:
- Lock your system if you have to step away
  - In Windows, press CTRL+ALT+DEL and select Lock Computer
- Watch for over-the-shoulder snoops when entering passwords or other sensitive information
- Protect your system with a strong password
- Consider setting a system password
  - A system password is set in the system's BIOS and appears even before Windows starts loading
- Protect your system against power surges
- At home, disconnect your system from the Internet when you aren't using it.
  - The always-on Internet convenience you get from Cable and ADSL connections puts you at more risk from attacks.
Laptops - Specific:
- Do not leave your laptop unattended
- Consider an alarm or a lock
- Disguise your laptop
  - Use a non-traditional case (such as a laptop backpack) to downplay the fact you are carrying a laptop
- Backup important information frequently - you can't always prevent the loss of your equipment but you can prevent the loss of all your information
