Information Security
Page tree

Protect your personal information
In today’s digital world it’s important to establish your own personal identity. Your personal information is increasingly valuable to hackers and thieves, it’s vital to take the necessary precautions to protect your identity.

Personally Identifiable Information (PII)
Any piece of information that can uniquely identify, contact or locate a single person is considered Personally Identifiable Information (PII). PII includes Social Security, credit card, and bank account numbers. Hackers or people with malicious intent, can access your PII in many different ways. They can use your unattended device to get passwords or read emails. They can get your personal information by masquerading as a legitimate website or email to trick you into giving out your personal information. SU will never ask you to reveal any personal information through email or ask you to update your personal information through a link in an email.

Protect your digital identity
Never click on embedded links from people you don’t know. Always be wary of unsolicited email or messages on social media sites, even if you think you recognize the sender. Don’t disclose any PII on the phone, in the mail or online unless you know the other party. Limit the amount of personal information you post on social media. Use strong passwords and prevent device theft.

Protect your papers
Don’t leave any sensitive documents, especially those with your PII, where others can find them. Use a shredder to destroy the documents before disposal. Don’t keep your social security number in your wallet or write it on checks. If an organization wants to use your social security number as an identifier ask if they can use something else instead. 

Phishing Scams
Phishers send emails or messages that claim to be from businesses or organizations you may deal with, like your bank or even Syracuse University. A message may ask you to “update,” “validate”, or “confirm” your account information. These messages direct you to a website that looks just like a legitimate organization’s site. But it isn’t. It’s a bogus site whose sole purpose is to trick you into giving out your personal information so the operators can steal your identity, run up bills or commit crimes in your name.

Spot phishing emails
Valid emails are often personalized while phishing ones are not. Don’t open emails or attachments from unknown sources. Even images (i.e. .jpg and others) are used to spread viruses. Delete and don’t redistribute chain emails. Phishing emails usually threaten to shut down your account if you don’t respond. Valid emails do not. Phishing emails will usually have grammar or spelling mistakes.

Phishing scams on the web
Make sure the sites you visit are encrypted and certified. Look for a closed padlock in the status bar at the bottom of your browser window and make sure it says “https” and NOT “http” in the URL. Rest your mouse on top of the link in an email. This will reveal the real URL in a yellow box. A malicious web site URL usually will not match the name of the institution it allegedly represents.

If you think your identity has been stolen

  • Contact the police immediately and file a report. Notify creditors and dispute any unauthorized transactions. These steps should be taken IMMEDIATELY to protect your good name.
  • To report suspected phishing emails go to
  • To report phishing emails that appear to be from SU, email the ITS Security Team.
  • If you are ever unsure whether an email is legitimate, contact the ITS Service Center at (315) 443- 2677 or
  • No labels