Internet Safety and Cybersecurity Awareness for College Students
| Victoria Leigh Modified on March 23, 2022
Are you ready to find a school that's aligned with your interests?
According to 2016 data from the U.S. Census Bureau, 89% of American households had a computer and/or smartphone, and 81% of American households had a broadband internet subscription. We rely on the internet for communication, entertainment, healthcare access, financial services, and, increasingly, higher education.
In fall 2018, nearly 7 million college students enrolled in at least one distance education course, and 3.2 million attended classes exclusively online.
However, the world wide web does much more than just enable us to Zoom into virtual classroom meetings. College students access the internet every day for work and pleasure — to complete research for essays and assignments, stay in touch through social media, make online purchases, and seek out the latest in entertainment.
The sheer amount of information and data we share online opens us all up to cybersecurity threats. The risk is often more pronounced for young people and college students who are statistically more likely to fall for fraud scams than older adults and who use social media at higher rates than other age groups.
Why Cybersecurity Awareness is Important
CSO Online — a leading information source for chief security officers and senior executives — recently examined industry surveys and research studies to get a sense of the current cybersecurity landscape. Some of their findings were startling:
- Every minute, $17,700 is lost due to phishing attacks.
- 94% of malware is delivered via email.
- 63% of companies said their data was potentially compromised within the last year.
- 60% of data breaches involve vulnerabilities that could have been avoided if an available security update or patch had been applied.
It's a dangerous world out there. Modern cybercriminals and hackers use increasingly sophisticated means to access our most sensitive data and personal information.
These days, you don't even need to click on an infected link in order to wind up with hidden malware that can log your keystrokes, scan your system for personal files, or hijack your online banking sessions. Phishers frequently spoof websites, email addresses, and social media profiles to manipulate user trust and gain access to personal information. Popular services like free Wi-Fi, ATMs, and public computers can all lead to data compromise, financial loss, and identity theft.
As we increasingly digitize our lives, we put ourselves at greater risk. Whether you are about to enter your first or final year of college, it's never too late to brush up on internet safety tips and increase your cybersecurity awareness.
The best way to fight cybercrime is through prevention. Use the following statistics, stories, and tips to arm yourself both on and off campus.
Interested in Studying or Pursuing Cybersecurity? Learn More About Degrees and Rewarding Careers in the Information Security Sector:
Computer and Mobile Security Vulnerabilities
Cybercrime is on the rise around the world, driven by an increased use of social media, cloud storage, digital downloads, and mobile and online payments. Consumers' personal and financial data is everywhere, and hackers are getting smarter at retrieving it. Computers and mobile devices are particularly vulnerable to malware, ransomware, and phishing attacks targeting social security numbers, credit card information, and bank account data.
Compared to all other major industries, recent research found that the education sector ranked last in terms of cybersecurity performance. This makes it more important than ever for college students to take responsibility for their own internet safety.
- Computer and smartphone software updates help patch security flaws and protect data. It's time to stop clicking "Remind Me Tomorrow" when your Mac asks to download and install updates.
- Only download software directly from manufacturers and other trusted sources. Across the web, hackers use convincing fakes (urgent update alerts, download pages, etc.) to spread malware and ransomware to unsuspecting users.
- Invest in strong, trusted virus and spyware protection, whether you own a Mac or PC. Scan your computer at least once a week.
- Backup your computer periodically to an external hard drive and/or cloud-based storage system in case you need to recover data and files after a cyberattack.
- When surfing the web, enable pop-up blocking and consider private browsing. Cookies can open security loopholes for hackers, so it's best to delete them periodically.
- Closely monitor your credit rating, credit cards, and bank accounts. Set up text notifications that alert you to possible fraudulent activity.
- Today's phishing scams use sophisticated replicas of login pages. Before accessing your school email, Canvas account, or online banking, make sure the web address is correct. Never submit sensitive information like usernames, passwords, or credit card numbers through an HTTP website.
- Remember that your online activities can put other students at risk. Cyberattacks that originate on your computer can spread to other devices — even throughout the entire university system.
- According to a 2015 study, approximately 12 million monthly users were infected with malware after downloading torrent files. Resist the temptation to download the latest Hollywood blockbuster or the digital version of your expensive calculus textbook. It isn't worth putting your personal and financial data at risk.
- Avoid taking or storing private photos on your devices. No matter how secure you think your files are, someone may still gain access to them.
- Before ditching your old computer, consider downloading antitheft apps or software to help overwrite your data. On a Mac, the built-in Disk Utility app can wipe and overwrite a drive.
- Remove or erase your old phone's SIM and micro SD cards.
- Instead of reselling on eBay, consider recycling your old devices directly with the manufacturer. You may even earn credit toward a new replacement.
Top Online Programs
Explore programs of your interests with the high-quality standards and flexibility you need to take your career to the next level.
Password Security Weaknesses
Passwords offer relatively weak protection for personal information and data for a number of reasons — namely that their effectiveness depends on the human user. Most of us are guilty of reusing passwords, sharing passwords with others, or writing passwords down in easily accessible locations.
Hackers use a variety of techniques to crack passwords, including brute force attacks, phishing, and keylogger software. You may not be able to protect yourself from every method, but poor password habits can make it all too easy for strangers to gain access to your devices, social media, and financial accounts.
- Avoid using birthdays, family and pet names, locations, and standalone words. Hackers can source this information through social media and dictionaries.
- Research shows that changing passwords regularly is often unhelpful, as users tend to make minor changes that are easy to guess. Instead, focus on creating an effective password that will last, and only change it if your account has been compromised.
- Enable two-factor authentication when available. This can protect your account from a breach even if a hacker correctly guesses your password.
- Store your passwords with care. This means no sticky notes on your desk, no lists emailed to yourself, and no unprotected documents in cloud storage. Instead, consider password management apps, password-protected documents, or handwritten hints kept in a secure location away from your device.
- Do not use the same passwords for all of your accounts. Instead, create different password tiers according to the level of data/information sensitivity. You might consider reusing passwords for Netflix, Instagram, or Spotify, but create unique passwords for your bank, credit card, and school accounts.
- Whether you reuse them or not, follow the tips in the previous section to make your passwords hard to crack.
- Other information to avoid storing in address books includes bank PINs, account numbers, health information, and passwords.
- Instead, store data in a password-protected file or a handwritten note kept in a secure place.
- Many password management apps offer secure "Notes" sections, too.
Phishing is a hacking method in which fraudulent emails, websites, and other forms of electronic communication are used to obtain sensitive information like usernames, passwords, and credit card details. Phishing was the leading cause of data breaches in 2019 and 2020, according to Verizon's annual Data Breach Investigations Report.
Young people often start seriously handling their own finances for the first time in college, taking on the responsibilities of credit cards, loans, and bank accounts. This abundance of sensitive data, combined with inexperience, makes college students an ideal target for phishing attacks. Cybersecurity awareness is the best way to keep yourself safe.
- It's a good rule of thumb to distrust every piece of email that lands in your inbox. Double check the email address of the sender for phishing giveaways like a wrong domain.
- Phishing emails often foster a false sense of urgency, hoping recipients will ignore the warning signs and engage without thinking. Watch out for emotional messages concerning account suspension, money owed, or limited-time offers.
- These days, most legitimate emails address recipients by name. Be suspicious of impersonal, generic greetings, like "Dear user," or "Dear valued customer."
- If the email includes a link, study the URL carefully. Look for that secure "HTTPS." Rather than clicking the embedded email link, which can immediately give hackers information, independently type the address into your browser to see where it takes you.
- Treat email attachments with care. Never open one unless you can verify the sender and are expecting the attachment in question. Remember that even trusted email addresses can send infected attachments if they've been compromised.
- Avoid downloading and installing software sent to you via email. Instead, visit the manufacturer's site for a download.
- Verify anything unusual. Double check with the sender before opening an attachment.
- If an email seems "off" to you, do a quick Google search to see if similar phishing scams have been reported.
- Distrust unusual callers, especially those who use an "unknown number" ID. Let your voicemail take care of things. Remember that caller IDs can also be spoofed.
- Never give your personal or financial data out to someone who calls you. Legitimate university offices will not insist on wire transfers or immediate payments over the phone. Government agencies like the IRS never cold call citizens.
- If a suspicious caller claims to represent your university, hang up and call the school directly to confirm and follow up.
- Avoid clicking on links in text messages. Be suspicious of shortened URLs like bit.ly addresses, which may be used to hide a link's true destination.
- Keep your phone's software updated to address any security vulnerabilities.
- If you suspect your device has been infected by malware, report the issue to the manufacturer.
Social Media Dangers
According to a 2011 study by Experian Simmons, 98% of college-aged students use social media. YouTube, Instagram, Facebook, and Snapchat are the most popular options among teens and young adults, followed by Twitter, Pinterest, and Reddit. Social media can offer a beneficial, direct pathway to connection with others, but there are plenty of risks associated with social networking, too.
Social media sites leave users open to bullying and harassment from anonymous trolls, mean-spirited acquaintances, and overbearing friends, family members, or partners. One wrong move on social media can lead to hacking, distribution of private photos, or financial scams.
- Refrain from posting personal information on public-facing social media, including your phone number, home address, location, or name of your school.
- Be cautious about posting photos that could allow strangers to identify your location. Disable geotagging on all social media platforms.
- Frequently check the security settings of your social media accounts.
- Do not accept friend requests from students and other individuals you don't know.
- Avoid sharing details about when you'll be away from home. Burglars may use this information to target your unoccupied residence.
- Communicate in clear terms that you wish to be left alone.
- Use social media features to cut off the perpetrator. This may include blocking the user, limiting who can view your posts, or increasing the privacy settings of your accounts.
- Document the issue by taking screenshots, recording phone calls, and saving emails, texts, and voice messages.
- Report the problem to the social media provider and/or campus police.
- Consider reaching out to your school's counseling center or a crisis helpline.
- The only way to entirely protect yourself from nonconsensual pornography is by not taking or sharing intimate photos, even with a trusted partner.
- If you do take intimate photos, store them in an encrypted, password-protected folder on your computer, never in cloud storage. Remember that apps like Snapchat can be hacked and monitored remotely.
- If you become a victim of nonconsensual pornography, document and report it to the social media provider and campus police. Consider reaching out to your school's counseling center or a crisis helpline.
- Hackers can easily identify your personal interests and tailor messages, posts, and scams accordingly. They may hijack accounts or create imitations to make you think you're talking to your best friend or your sibling. Stay alert and suspicious.
- We all want to know what Disney character our profile picture most resembles, but it's best to avoid Facebook polls and quizzes that require you to give random sites permission to access your account information. You never know where it might end up.
- When it comes to social media, the old adage applies: "If it seems too good to be true, it probably is." No one will give you a free car if you like and share a post.
- Again, things that seem too good to be true typically are, at least when it comes to social media. Carefully scrutinize any and all offers of financial assistance.
- Legitimate scholarships rarely ask for application or processing fees. If you need to spend money before receiving any in return, it's likely a scam.
- Watch out for fake online personas or spoofed accounts of real people. Before accepting any financial assistance or providing any personal information, always verify the identity of the person you're connected to.
Campus Thefts and Scams
Due to the novel coronavirus pandemic, the future of living and learning on college campuses is largely up in the air. Some schools plan to hold virtual classes through 2021, while others have chosen to experiment with in-person attendance options, with varying rates of success.
If and when you find yourself back on a college campus, you need to consider more than just basic internet safety. A new host of risks emerge in busy college environments, including the physical safety of your devices, unique opportunities for hackers to spread malware, and risks associated with communal computers.
- Always lock your dorm room when you leave, even if you only plan to be gone for a few minutes.
- Invest in a laptop cable lock. Use it in public spaces to help keep your laptop secure.
- Never store your laptop in a car, even if it's kept out of sight.
- Register your laptop and phone with the campus security office. The brand, model, and serial number is attached to your name, student ID, and contact information. You might also receive a registration sticker to put on your device, which can act as a deterrent for would-be thieves.
- Enable your devices' built-in tracking features, such as Apple's "Find My" app, or download a comparable program like Prey or Absolute.
- Regularly backup your devices and files to a cloud storage system and/or external hard drive. This ensures you always have access to what you need and gives you the option to remotely erase your devices if they are stolen.
- Distrust any device you find on campus, whether a USB drive, laptop, or cell phone.
- Do not plug any unknown devices into your computer in an attempt to identify the owner. Take them to your school's lost and found or IT department.
- To mitigate risk of infection, avoid sharing USB drives with others, and be cautious when plugging them into public computers. Use security software to scan any device given to you, even by a trusted friend.
- When possible, avoid logging into websites when using public computers. If you do need to login, don't forget to logout before you leave.
- Never use a public computer to complete a financial transaction, download software, or visit sketchy websites.
- Use private browsing options or clear your browsing data before logging off.
- Be aware of your surroundings. Shoulder surfers may try to snag usernames, passwords, and other sensitive information.
Travel and Off-Campus Data Security Threats
College campuses come equipped with well-protected Wi-Fi networks to keep your data safe, but when you travel off campus for vacation, academic field trips, or a weekend study session at the local Starbucks, take extra precautions. Hackers and other cyber criminals love taking advantage of public locations because they typically provide lax cybersecurity protections, a wealth of unsuspecting victims, and relative anonymity.
Most of us are traveling considerably less in the face of COVID-19, but it's never a bad idea to brush up on your cybersecurity awareness.
- Know when and where you're connecting by disabling your devices' ability to automatically connect to nearby Wi-Fi.
- Verify the legitimacy of a network before you connect. Hackers may set up their own Wi-Fi connections near trusted businesses in an attempt to trick unsuspecting users into logging on.
- Avoid using public Wi-Fi to shop online, access financial information, or visit sensitive websites. Enable two-factor authentication to protect your social media and email accounts.
- Use a free or paid virtual private network (VPN) service to encrypt your data.
- The best way to avoid the pitfalls of public Wi-Fi is to simply avoid using it. Consider an unlimited data plan or your own portable travel router.
- Before use, check an ATM for any unusual added devices.
- If you have trouble inserting your card, this may be a sign of an internal skimmer. Do not use the machine.
- Always cover an ATM's keypad with your hand when entering your PIN. Be alert for shoulder surfers standing too close.
- Write down your bank's customer service phone number and keep it on hand. If you lose your card or think your information has been compromised, call the number to freeze your accounts.
Internet Safety and Security Awareness Resources for Students
- CiviliNation is a nonprofit working to fight online harassment, character assassination, and violence. The organization believes in defending free speech and fostering an online culture in which individuals can fully engage and contribute without being targeted by abuse, harassment, or lies. Their website offers an extensive library of informative content and a resource center.
- The National Cybersecurity Alliance aims to empower a more secure, interconnected world through education and amplification of cybersecurity awareness. NCSA's website offers resources for online safety, identity theft, account and device security, and privacy management. The site also refers visitors to more than a dozen free security checkups and tools.
- Stop. Think. Connect. is a global online safety awareness campaign led by NCSA, the Anti-Phishing Working Group, and the U.S. Department of Homeland Security. The campaign's site offers helpful basic safety advice. Users can also access targeted cybersecurity tip sheets, including considerations for LGBTQ online safety, digital wedding planning, and online holiday shopping.
- The Cyber Civil Rights Initiative is a nonprofit organization advocating for technological, social, and legal innovation in the fight against online abuse. CCRI primarily focuses on nonconsensual pornography, offering victim support including a 24/7 crisis helpline and links to resources for reporting, removal, and legal assistance.
- Without My Consent is a project headed by the CCRI that aims to empower individuals to understand and stand up for their online privacy rights. The site's extensive resources cover practical topics including evidence preservation, copyright registration, takedown notices, and emotional support.
- FightCyberstalking.org provides online resources for victims of cyberstalking on sites like Twitter, Facebook, Instagram, and YouTube. Site users can access advice on reporting cyberstalking crimes, seeking emotional support, and enhancing privacy and security online.
- Facebook, Instagram, Snapchat, Twitter, and YouTube each offer their own resources and reporting tools for hacked accounts and violations of other community guidelines (abusive behavior, inappropriate content, account impersonation, spam, etc.).
- Gmail Help provides dozens of articles on account safety and security guidelines. You can also access tools to report phishing emails and other violations of Gmail's policies.
- The FBI Internet Crime Complaint Center (IC3) allows victims of Internet crime to file a complaint. The IC3 does not conduct its own investigations. Rather, it reviews submitted information and, when appropriate, forwards it on to federal, state, local, or international agencies with jurisdiction. The site also offers tips for Internet crime prevention.
- IdentityTheft.gov is the federal government's one-stop resource for identity theft victims. The site offers extensive resources and tools to help you avoid, recognize, report, and recover from identity theft.
- The IRS will never contact you by email, text, phone call, or social media to request personal or financial information like PIN numbers and passwords. If you receive unsolicited or suspicious contact from someone claiming to be from the IRS, report the incident with the Treasury Inspector General for Tax Administration and to email@example.com. Learn more about phishing on the IRS website.
- The experts at your school's office of information technology services can help you recover data from a hacked device, provide free security software such as VPNs and antivirus programs, and offer tips and tutorials for cybersecurity awareness and internet safety. Online students may not be able to visit the technology services office in person, but nearly every school offers some level of remote tech support. Always report issues, like phishing emails sent to your school email, to this office.
- Campus police and campus safety departments are in place to protect students, staff, and campus facilities. If you become a victim of cyberbullying, online harassment, or stalking, it's important to file a report with school police. Make sure to supply documentation as evidence, including screenshots, emails, or text messages. Campus safety officers will respond to your allegations and provide you with tips to protect your digital and physical safety.
- If you face online harassment or cyberbullying, it's important to reach out for emotional support. Student counseling services offer a variety of basic services from trained and licensed mental health professionals. Students located on campus can take advantage of one-on-one counseling or group counseling. Many schools also offer online and phone counseling options for students who can't come to campus.
- Specifically designed to serve remote learners, your school's online student services department can direct you to the resources you need while attending college away from campus. If you aren't sure where to turn for help, these caring staff members are a great first place to go.
Frequently Asked Questions
How can students protect themselves online?
College students can protect themselves online by understanding internet safety trends, keeping their devices' software up-to-date, and limiting risky behaviors like oversharing personal information, downloading software from unverified sources, or visiting illegal sites.
What is digital safety?
Digital safety is an alternative term for internet safety. It encompasses both cybersecurity awareness and putting that knowledge into action to reduce risks to private information, property, and personal well-being.
How can you be safe on social media?
To stay safe on social media, college students should frequently evaluate their privacy and security settings, avoid accepting friend requests from strangers, and carefully consider what they choose to reveal in status updates or photos.
What should you not do on the internet?
Never send sensitive information like passwords over public Wi-Fi. Avoid using the same password for your social media, school account, and online banking. Resist the temptation to download pirated content, which may carry malware and/or subject you to legal penalties.
- Top Schools
- Top 18 Online Cybersecurity Bachelors Degrees
- Top 20 Online Bachelors in IT Degrees
- Top 30 Online Certificate Programs
- Top 17 Online Computer Forensics Programs
- Top 25 Online Masters Degrees
Take the next step toward your future.
Discover programs you’re interested in and take charge of your education.