Photo: Monkey Business Images (Shutterstock)
Cyberattacks are a huge risk, and they’re on the rise. College students—especially those who are away from home, bringing their devices to class, or frequently connecting to public wifi—may be particularly vulnerable to hacks and cybercrime. Here’s how they can avoid becoming a victim of a cyberattack.
Use strong passwords
The simplest cybersecurity practices can be the most effective. Strong passwords utilize length and complexity to become extremely hard to guess. You can do this by combining lowercase and uppercase letters, numbers, and special characters.
This xkcd comic offers a great starting point for creating unique, strong passwords that are easily (or at least more easily) remembered. Building on that, we have a guide for creating memorable passwords that aren’t a hassle to type out. Even if your passwords aren’t memorable, that’s OK; you can—and should—use a password manager to help you keep track of them.
Take advantage of two-factor authentication
Even with a strong password, you’re still at risk because hackers might acquire your password and username if you have an account with a company that suffers a breach. Passwords can also be exposed when you log into an account using an insecure network, like the wifi at a local coffee shop. Because schools don’t always invest in securing their networks, you may be at risk even if you connect to the web using the college’s wifi or a university VPN. And multiple accounts may be in danger if hackers can steal a password you’ve used more than once.
Two-factor authentication provides you with some extra protection by requiring another factor of information in addition to your password. In most cases, this is a code sent to your phone, an app, or another trusted device when you attempt to log in. Just make sure you never give this code to someone else; scammers pretend to be a trusted source, like your bank, and ask for your 2FA code to “confirm your identity,” when in actuality they can now break into your account.
Be on the lookout for phishing scams
In phishing attacks, hackers send fraudulent emails that appear to come from trustworthy sources, like big-name retailers, banks, and insurers. They can encourage recipients to download malicious software or divulge sensitive information. Many hackers specifically target college students with phishing scams, using emails that appear to come from sources like financial aid departments, advisers, and professors.
The FTC explains how to spot a scam and what to do when you receive one. As a rule of thumb, be careful when opening any links from emails: Read the email closely, looking for spelling or grammar mistakes that a real company wouldn’t likely make, and click or tap on the sender’s name to reveal their actual email address (often, the real address is clearly phony).
Keep devices updated
Software patches regularly come with security updates that help protect your devices from newly discovered exploits and vulnerabilities—waiting to update your phone, computer or smart devices could leave them open to malware and viruses. There’s some evidence that hackers attack college networks because student tech tends to run on outdated software, making them easier targets.
Regularly update your devices to keep them safe. Most offer auto-update or update scheduling tools that make it easy to plan ahead and keep everything running on the latest version of their security software. If you’re concerned about unstable or buggy updates, you can often choose to only download the security update instead. Android does this by default, and now Apple offers the option, as well.
Encrypt your device files
Your computer probably comes with a tool that allows you to fully encrypt all the data on your hard drive to protect the information, files, and programs against unauthorized access. Companies often use this technique to protect the files on a business laptop if it’s lost or stolen. As a college student, you may be on the move constantly, carrying your devices to class, the library, and study areas, so you can use the same strategy to keep your files safe if one of your items is lost or stolen.
Some operating systems, like Windows 10, have an FDE feature active by default. However, for most devices, you’ll need to activate the feature manually. You can check out our guide on encrypting your Mac or Windows machine here.
Consider using a VPN
A virtual private network (VPN) is a digital privacy tool that can keep your information safe when connecting to both public and private wifi networks. The VPN encrypts data you send to the internet, meaning that the person or organization managing the wifi network won’t know what content you’re accessing.
VPNs can also be used to make your connection appear as if it’s coming from somewhere else, allowing you to access content that may typically be restricted to users in certain countries. For example, if Netflix only makes a show or movie available in a specific region, you can trick the service into thinking you live there by using a VPN. Here’s how to find a trustworthy VPN.
Some colleges and universities also provide campus VPNs that allow you to use services that typically require you to be connected to the campus network. This includes remote desktop, off-site printing, and shared file systems.
These VPNs won’t protect your browsing from the university itself—while internet providers won’t be able to tell what you’re looking at, the owner of the VPN service will. However, the university VPN will allow you to use campus services when you’re off-site.