• Student Job Posting Scams
• Working Remotely
• Passwords
• Accounts
• Operating System Updates
• Antivirus
• Firewall

TOP

Student Job Posting Scams

Jobs that sound too good to be true should raise a red flag for any college student. Attackers are preying on students who are looking to make extra money while in college. Sent via unsolicited offers directly to student accounts or even showing up in online job listing websites, fake job postings are attempts to steal your personal information and potentially drain your bank accounts.

How to Recognize a Scam 

You may expect that the job posting you are looking into is a scam if the email or job posting contains any of the following: 

• Does not indicate the company name/the employer contact information.
• Comes from an email address that does not match the company name.
• Offers to pay a large amount of money for very little work.
• Requests personal information from you such as Social Security Number, bank account numbers, credit card details, copies of your passport/license or other documents during the interview process.
• Requires you to transfer/wire money from one account to another, or to purchase any type of gift cards.
• Offers you a job without ever interacting with you.
• Offers to send you a check before you actually start working.

How to Avoid a Scam

Here are some things that you can do to protect yourself from a scam:

• Visit the organization’s website: if the organization in question doesn’t have a website or the website doesn’t seem to match the advertised job, there may be cause for concern.
• Use personal contacts, LinkedIn, or other networking sites: use any connections you may have that can help you find inside information about the company.
• Be suspicious of poor communication skills of the employer: be careful when an employer cannot communicate accurately or effectively on the website, by email, over the telephone.
• Don’t pay any application fees that may be requested from you: legitimate employers, including the federal government, will never ask you to pay to get a job.
• Never bank on a “cleared” check: no legitimate potential employer will ever send you a check and then tell you to send on part of the money, or buy gift cards with it.

If You Were Scammed

Here are some things you can do if you have been scammed:

• Report it to Drexel's Department of Public Safety.
• If you have been a victim of one of these scams or any other internet related scam, you are encouraged to file a complaint with the Federal Bureau of Investigation's Internet Crime Compliant Center IC3 at https://www.ic3.gov.
• You can also report fraud to the Federal Trade Commission (FTC) at https://reportfraud.ftc.gov/#/.
• For more information on what to do, please visit the Federal Trade Commission's web page at https://www.consumer.ftc.gov/articles/what-do-if-you-were-scammed.

If you are suspicious of a job posting or email, don’t hesitate to contact the Steinbright Career Development Center.

Working Remotely

When working remotely...

• Use Drexel-provided information technology services.
• Have a dedicated, secure place that is safe from virtual and physical break-ins.
• Do not have sensitive work conversations near listening smart home devices, e.g., Alexa, Google Home, etc.
• Do not leave sensitive information exposed physically or online.
• Lock your device when you are away.
• Call in person before complying with requests for sensitive information.
• Do not share passwords with others.
• Keep calm and take the D.U.S.T, Drexel University Security Training.

TOP

Passwords

Drexel University Password Policy

• All system-level passwords (e.g., root, enable, NT admin, application administration accounts, etc.) must be changed every 30 days.
• All user-level passwords (e.g., email, Web, desktop computer, etc.) must be changed at least every 63 days.
• User accounts that have system-level privileges granted through group memberships or programs such as "sudo" must have a unique password from all other accounts held by that user.
• Passwords must not be inserted into email messages or other forms of electronic communication.

Guidelines for Secure Passwords

Strong passwords have the following characteristics:

• Contains both upper and lower case letters (e.g., a-z, A-Z)
• Have numbers and punctuation characters as well as letters e.g. 0-9, !@#$%^&*()_+|~-=\`{}[]:;'>
• Are at least ten characters long.
• Are not a word in any language, slang, dialect, jargon, etc.
• Are not based on personal information, names of family, etc.

Avoid using the following characteristics:

• Fewer than ten characters.
• Words found in a dictionary (English or foreign).
• Common usage word such as: names of people, things, pets; computer terms and names; organization, place or event names; birthdays and personal information and word or number patterns.

Use this password strength checker to see how secure your passwords are.

TOP

Accounts

You are the first line of defense against account compromise.

• Practice strong password management.
• Never share your password.
• Update your password at least annually.
• Log out of public workstations before departing.
• Beware of "Phishing" scams. Drexel will never request your account information via email.
• Change your password immediately and contact accounts@drexel.edu if you suspect your account has been compromised.
• Run a University Official Social Media Account? Here are some guidelines on how to secure it.

TOP

Operating System Updates

Protect your computer from remote compromise by regularly applying critical OS patches.

Microsoft Windows Update

Critical Updates: Manual Windows

• Windows Update is included in the Windows Control panel.
• Click on Start > Control Panel > Windows Update or  Start > All Programs > Windows Update.
• Click on "Check for Updates." If a box comes up asking you to trust Microsoft, then click "Yes."
• Click on "Review" and install updates.
• Click "Install Now" to install the selected updates.
• Click "Accept" to any windows that come up.
• When they are finished, click "OK" to restart the computer.
• After the machine reboots, repeat steps 1 through 6 until there are no more critical updates left.

Critical Updates: Automatic Windows

• Click on Start > Control Panel > Windows Update.
• Click on "Change Settings" link.
• In the drop down box under Important updates, select "Install updates automatically."
• Select the installation frequency and time, such as every day at 3:00 AM.
• Place a check mark in "Recommended Updates," "Who can install updates," and "Microsoft Updates for other Microsoft products."

Software Updates - Manual macOS

• Click the Apple menu > System Preferences > Software Update....
• Wait for the list of available updates to appear
• Anything that said "Security Update" or "macOS Update" should be selected; if it isn't, then click the checkbox to select it.
• Click the "Install" button near the bottom right corner.
• You'll be prompted to enter your password.
• If prompted, restart your computer after the updates install.

Software Updates - Automatic macOS

• Click the Apple menu > System Preferences....
• Under System, click "Software Update."
• Click the checkbox in front of "Check for Updates" and select "Daily" from the drop-down list.
• Click the checkbox to "Download important updates in the background."
• Click the "System Preferences" menu, then "Quit."

TOP

Antivirus

Drexel uses Sophos Endpoint Protection and Palo Alto Networks Traps for the protection of Drexel owned systems. For personal machines, Drexel recommends Windows Defender Antivirus for devices running Microsoft Windows or Sophos Home, a free anti-virus solution supporting both Windows and macOS.

Note to Professional Staff and Faculty: Most on-campus computers used by professional staff and faculty will automatically install required security software when they log into the Drexel domain. Please contact the IT Help Desk at 215.895.2020 for information about this process.

For more information on endpoint security software, please see drexel.edu/it/services/catalog/antivirus.

TOP

Firewall

Students, Faculty and Staff

DrexelNet users are strongly encouraged to enable their built-in operating system firewall. Firewalls help protect computers by restricting remote access to critical system services.

Windows 10

• Open your Control Panel.
• Open Windows Firewall Settings.
  • Select "System and Security."
  • Select "Windows Firewall."
• Enable the Firewall.
  • Make sure both Private and Public Network Firewalls are turned on.
• Click "OK" to save the settings.
• Close the "Control Panel" window.

Windows 7

• Open your Control Panel.
• Choose Windows Firewall.
• In the left panel, click "Turn Windows Firewall on or off."
• Select each of the green shields to turn on Windows Firewall in three settings.
• Click "OK" to save the settings.
• Close the "Control Panel" window.

macOS

• Click Apple Menu > System Preferences....
• Under Internet & Network, click "Sharing."
• Click "Firewall."
• Click "Start."
• Click the "System Preferences" menu and then "Quit."

TOP