Cybersecurity Tips for Students

The National Cybersecurity Alliance offers these tips to avoid being a victim to phishing scams and identity theft with potential loss of private data.

  1. Only use official email addresses or social media accounts when interacting with the university or its members.
    Using your official CDU email address (it ends with a “.edu“) when communicating with students, staff or faculty at the university helps identify everyone involved and decreases instances of phishing. Never click on links or download attachments if they are unsolicited or suspicious.
  2. Don’t reveal personal or financial information in an email, and do not respond to email solicitations for this information.
    Remember, CDU will never ask for your password via email, text or phone call. Avoid clicking any links sent in an unsolicited email. Pay attention to the website’s URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net). If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement, not information provided in an email.
  3. Keep your software updated.
    Don’t wait until next semester: keep your software updated. Install the latest antivirus, anti-malware, and firewalls to guard against evolving threats. Set up your antivirus software to regularly scan for malware on your device. Turn on automatic updates  to keep operating systems, web browsers, and security software up to date to prevent exploitation of vulnerabilities.
  4. Do not log into unsecured networks without protective software or share sensitive information over public Wi-Fi.
    No matter whether your online learning journey takes you to the cafe down the street or to another country, do not log into sensitive accounts over public Wi-Fi (school, banking, etc) unless you take precautions. Even if the network requires a password, your data can be exposed. Invest in a virtual private network like CyberGhost to keep cyber criminals off your devices.
  5. Secure your online accounts with strong passwords, a password manager, and multi-factor authentication (MFA). 
    Every online account, whether it’s for your academic pursuits or personal use, should be protected by a unique, strong password. Each password should be at least 15 characters long and a random mix of letters, numbers, and symbols. How are you supposed to remember all those passwords? Use a trusted password manager to generate, store, and maintain your collection. Many institutions now require the use of multi-factor authentication (MFA). This doubles the security of the account and adds another layer of security beyond your password.
  6. Back up your work safely and maintain a clean workspace.
    Backing up your work is a cardinal rule of cybersecurity because that’s how you build a safety net against data loss caused by cybercrime, hardware failures, or accidents. Ideally, you should back up your data using a cloud service as well as a physical device like an external hard drive. Use your antivirus software to scan your files before backing up to avoid transferring threats. When it comes to document disposal, delete files (that means emptying the Recycle Bin) and shred any physical documents. Maintaining a clean workspace is equally vital, particularly if your computer is shared or accessed by others. Log out or lock your computer before stepping away, reducing the risk of unauthorized access. Also, if you find a strange USB drive or other removable media, don’t plug it into your device! Malware is often transmitted through such devices.


Enjoy your online learning journey with greater confidence, knowing you’ve taken the right steps to safeguard yourself, your data and your devices.