Five tips to practice safe web

Yes, I work in Information Technology Services (ITS) and yes, even I fell for a false email sent by a hacker on the dark web, with a believable subject line and counterfeit message, luring students to fall for the fake message, click a link or download a file, and expose our University NetIDs and passwords.

Here are five tips and tricks to avoid malicious emails and to keep your account safe.

Enable Two-Factor Authentication

You might be wondering, what’s Two-Factor Authentication (2FA)? It’s an added security measure that will protect against unauthorized use of your credentials, even if they are stolen. Syracuse University students can now opt-in to 2FA for their University email and other Office 365 services. Go to and select Two-Factor Opt-in. It’s simple to set up, and I sleep better at night knowing my email and schoolwork have an extra layer of security. (BTW, all students will have 2FA enabled by Feb. 12.)

Be Suspicious

We all have a detective inside of us. Use it! Always be suspicious of emails from any unknown senders. Before clicking any attachments or links in an email, verify that the sender is who they say they are. If you receive an email from a suspicious unknown sender, delete the email before opening it. Even if you know the sender, hover over what looks like a harmless URL. That may reveal a malicious hidden URL that could take you to a website that may try to gather your account information. Malicious attachments are an easy way for hackers to get into your account. I didn’t take the time to verify the sender before opening an attachment, and my account got hacked, so now I’m always cautious when opening and reading my emails.

Keep Your Software Updated

Making sure your computer’s software is always updated and patched will help to ward off hackers. Antivirus and anti-malware software are programs designed to prevent, detect and remove malicious software from your computing device. When your software is up to date, you have less of a chance of being hacked! Make sure to turn on the automatic updating function for each of your devices.

Protect Your Password

Your NetID and password are solely for use in logging on to a Syracuse University system. SU will never ask for these for any reason. If you receive an email from “Syracuse University” requesting this information, know that it is really from a hacker who does not represent any Syracuse-affiliated office. If an occurrence like this happens, please report it to itsecurity@syr.edu. Under any circumstance, you should never give your password away to others, that’s confidential information! Treat it like your ATM PIN.

Use Your Resources

ITS provides all students with a variety of technology services and support. You can contact ITS by calling 315.443.2677, emailing help@syr.edu or walking into our Service Center located just off the Milton Atrium between the Life Sciences Complex and the Center for Science and Technology. ITS has helped me with a variety of issues from unlocking my compromised account to fixing the audio on my laptop. And, the best part of it all? Technology support from ITS on any issue is completely FREE!

We’re all at risk of malicious emails. Hopefully, these tips are useful to you and will help you practice safe web.

Written by Paige Wucherpfennig ’21, School of Information Studies