Internet Safety and Cybersecurity Awareness for College Students

by

Updated January 20, 2023

check mark Reviewed by

Our Integrity Network

CyberDegrees.org is committed to delivering content that is objective and actionable. To that end, we have built a network of industry professionals across higher education to review our content and ensure we are providing the most helpful information to our readers.

Drawing on their firsthand industry expertise, our Integrity Network members serve as an additional step in our editing process, helping us confirm our content is accurate and up to date. These contributors:

  • Suggest changes to inaccurate or misleading information.
  • Provide specific, corrective feedback.
  • Identify critical information that writers may have missed.

Integrity Network members typically work full time in their industry profession and review content for CyberDegrees.org as a side project. All Integrity Network members are paid members of the Red Ventures Education Integrity Network.

Explore our full list of Integrity Network members.

Learn about the most common cyber attacks on college campuses, from phishing attempts to social media hacks, and how students can protect themselves.

CyberDegrees.org is an advertising-supported site. Featured or trusted partner programs and all school search, finder, or match results are for schools that compensate us. This compensation does not influence our school rankings, resource guides, or other editorially-independent information published on this site.

Are you ready to discover your college program?

Credit: Klaus Vedfelt / DigitalVision / Getty Images

We increasingly rely on the internet and digital devices for daily tasks like communicating with each other, accessing financial services, and working and learning remotely.

In 2018, 92% of American households had at least one computer, smartphone, or tablet, and 85% had broadband internet, reported the U.S. Census Bureau. The percentage of Americans using the internet has risen from 52% in 2000 to 93% in 2021, according to the Pew Research Center.

The Covid-19 pandemic accelerated the trend of distance education in higher learning. In the fall of 2020, 75% of college students enrolled in at least one distance education course.

The extensive use of digital devices and sharing information online can open you up to various cybersecurity dangers. Understanding how to protect yourself from these dangers is crucial.

The best way to fight cybercrime is through awareness and prevention. Use the following statistics, stories, and tips to arm yourself on and off campus.

Why Cybersecurity Awareness Is Important

Cyberattacks are malicious attempts to breach computers and information systems.

Cybercriminals often seek to use others' digital data to benefit themselves. They use phishing scams and other social engineering techniques, malware, and ransomware to attack individuals and organizations.

Cybersecurity Fast Facts

20% of Gen Zers and 18% of Millennials have had their identity stolen at least once

2.76 million cybercrime complaints reported to the FBI from 2017-2021

$18 billion in total losses due to cybercrime from 2017-2021

6.95 million new phishing and scam pages created in 2021

Sources: National Cybersecurity Alliance, FBI Internet Crime Center, Bolster

The number of cyberattacks continues to rise each year with the addition of networked devices. Cybercriminals have also developed more sophisticated tactics to gain access to private information. Cybersecurity Ventures estimates that by 2025, cybercrime costs may cost the U.S. $10.5 trillion yearly.

The FBI Internet Crime Complaint Center (IC3) reported an increase in suspected internet crimes from 300,000 in 2019 to 791,790 in 2020, with losses exceeding $4.1 billion. The FBI IC3 report for 2021 reports a 7% increase from 2020, with losses exceeding $6.9 billion

Cyberattack victims can suffer financial, legal, and psychological consequences. Cybercriminals can steal personal information and damage reputations.

Although college students may think of themselves as tech-savvy digital natives, 2021 research by Atlas VPN found that millennials and Gen Z were the most likely age groups to fall for phishing emails.

Whether you are about to enter your first or final year of college, it's never too late to brush up on internet safety tips and increase your cybersecurity awareness.

Computer and Mobile Security Vulnerabilities

Cybercrime is on the rise worldwide, driven by increased devices, social media use, cloud storage, digital downloads, and mobile and online payments. Consumers' personal and financial data is everywhere, and hackers are getting smarter at retrieving it.

Computers and mobile devices are particularly vulnerable to malware, ransomware, and phishing attacks targeting social security numbers, credit card information, and bank account data.

The 2022 Cybersecurity Almanac reported that with nearly 5.3 billion mobile devices worldwide, security threats are on the rise, with mobile devices accounting for more than 60% of digital fraud.

It's more important than ever to take responsibility for the safety of your computer and mobile devices while in college.

When You Don’t Protect Your Computer and Mobile Phone

Today, hacking is not a question of "if" but "when." In 2021 alone, 1,043 schools faced ransomware attacks, reports Emsisoft. No matter how secure your university networks claim to be, you must take additional steps to protect your personal devices.

Malware, a type of software that gives unauthorized access to systems and devices, was a leading cyberattack method in 2022, according to a survey by UpCity.

To keep your tech safe from cyberattacks, experts recommend installing all software updates, arming yourself with cybersecurity tools like antivirus software, and regularly backing up your data. Remember that hackers don't discriminate. Never assume that hackers won't target your information.

Follow these steps to help protect your tech against cybercrime:

  • Computer and smartphone software updates help patch security flaws and protect data. It's time to stop clicking "Remind Me Tomorrow" when your Mac asks to download and install updates. Better yet, turn on automatic updates for all operating systems, devices, and applications, especially your web browsers.
  • Only download software directly from manufacturers and other trusted sources. Across the web, hackers use convincing fakes (urgent update alerts, download pages, etc.) to spread malware and ransomware to unsuspecting users.
  • Invest in strong, trusted virus and spyware protection, whether you own a Mac or PC. Scan your computer at least once a week.
  • Backup your computer periodically to an external hard drive and/or cloud-based storage system in case you need to recover data and files after a cyberattack.
  • When surfing the web, enable pop-up blocking and consider private browsing. Cookies can open security loopholes for hackers, so it's best to delete them periodically.
  • Ensure valid SSL certificates on websites before entering any credit card or personal information (look for a lock next to the website URL).
  • Closely monitor your credit rating, credit cards, and bank accounts. Set up text notifications that alert you to possible fraudulent activity.

When You Visit Unsecure or Torrent Websites

While browsing, you might have noticed that some website addresses begin "HTTP," while others start with "HTTPS." That single letter makes a huge difference. HTTPS websites use a Secure Sockets Layer (SSL) connection that encrypts user communications and data, making them more secure for users.

Another way to determine if you are visiting a secure website is to look for the lock icon in your browser window. Unsecure HTTP sites enable hackers to view transferred information, including login credentials, in plain text format.

Torrent websites like The Pirate Bay host massive digital content repositories, including movies, music, video games, and software. Anyone can access this content at no cost, but torrenting is not risk-free. Dangers include infection from malware, penalties from your internet service provider, and legal settlements from copyright holders.

  • Do not visit an unsecure website if you can avoid it. If you must visit one, do not enter any sensitive information.
  • Today's phishing scams use sophisticated replicas of login pages. Before accessing your school email, online learning platform, or bank account, make sure the web address is correct. Never submit sensitive information like usernames, passwords, or credit card numbers through an HTTP website. For example, phishers frequently make fake sites that look like the official PayPal website to get access to users' credentials.
  • Remember that your online activities can put other students at risk. Cyberattacks that originate on your computer can spread to other devices — even throughout the entire university system.
  • Think before you click. You can infect your computer just by clicking on an email link. Type the website into your browser instead of clicking on an embedded link.
  • Keep your browser, browser extensions, and operating system updated to reduce your risk of being hacked when visiting an unsecure website.

When You Discard or Sell Old Devices Without Wiping Them Clean

If you get rid of or lose your smartphone or computer without wiping your data, the new owner may be able to access your contacts, texts, social media accounts, and photos. In the hands of a bad actor, the consequences can be very harmful, potentially leading to identity theft.

Whether you plan to throw away, resell, recycle, or trade in your old computer or phone, you must take steps to permanently erase your data and ensure it's inaccessible.

  • Factory-reset your device. If applicable, start by transferring your information to your new device. Then, remove your personal information from the old device. Erase your iPad or iPhone.
  • Consider downloading antitheft apps or software to help overwrite your data. On a Mac, the built-in Disk Utility app can wipe and overwrite a drive.
  • Remove or erase your old phone's SIM and micro SD cards.
  • Instead of reselling on eBay or Facebook Marketplace, consider recycling your old devices directly with the manufacturer. You may even earn credit toward a new replacement.
  • Avoid taking or storing private photos you would not want other people to see on your devices. No matter how secure you think your files are, someone may still gain access to them.

Password Security Weaknesses

Passwords offer relatively weak protection for personal information and data — their effectiveness depends on the user. Most of us are guilty of reusing passwords, sharing passwords with others, or writing passwords down in easily accessible locations.

Hackers use various techniques to crack passwords, including brute force attacks, phishing, and keylogger software. You may not be able to protect yourself from every method, but poor password habits can make it easy for strangers to access your devices, social media, and financial accounts.

When Your Password Is Too Easy

If you use easy-to-guess passwords, you're not alone. Millions of people still rely on notoriously simple combinations like "123456," "password," and "admin" to protect their accounts.

Cybernews looked at 56 million breached and leaked passwords in 2022 and found that 111,417 cases used the password "123456."

When protecting your devices and data, passwords are the first line of defense. The best passwords are longer than eight characters and contain various characters, symbols, and numbers.

The Electronic Frontier Foundation recommends using a "passphrase" of three or more random words or a password manager like KeePassXC. The most variated 8-character password combinations only take 39 minutes to crack, while the most variated 18-character password combinations take 438 trillion years to crack, according to Hive Systems.

  • Check to see if your passwords are still secure. To find out if any of your passwords have been compromised, periodically use services like Google's Password Checkup.
  • Avoid using birthdays, family and pet names, locations, and standalone words. Hackers can source this information through social media and dictionaries.
  • Cybersecurity experts disagree about how often you should change your password. For example, some suggest changing your password every 3 months, while the National Institute of Standards and Technology (NIST) does not recommend scheduled password changes because it could lead to poor password habits and weaker passwords. However, all best practices recommend changing your passwords immediately after a data breach or if you discover malware.
  • Enable two-factor authentication when available. It can protect your account from a breach even if a hacker correctly guesses your password.
  • Store your passwords with care. Do not email lists to yourself, and do not leave documents unprotected in cloud storage. Instead, consider password management apps, password-protected documents, or handwritten hints kept in a secure location (like a locked desk drawer) away from your device.

When You Use the Same Password for Numerous Sites

We use passwords for everything, and remembering all those passwords can be difficult. Most people know they shouldn't use the same password for multiple accounts, but old habits die hard. A 2022 Ipsos poll conducted for Google found that two in three Americans reuse passwords for different online accounts.

We all know the pain of being temporarily locked out of our accounts after guessing too many incorrect combinations. Using the same password across multiple websites is incredibly tempting, but password reuse can pose a major cybersecurity risk.

  • Do not use the same passwords for all of your accounts. Create unique passwords for your bank, credit card, and school accounts.
  • The best way to ensure strong and unique passwords for your accounts is to use a trusted password manager that creates and stores passwords for you. You still need to create and remember one master password that unlocks all the others, but password managers simplify logging into all your accounts. Consider password managers like LastPass, 1Password, or Bitwarden.
  • If you don't want to use a password manager, consider using a password generator to help create unique passwords for each account.
  • Follow the tips in the previous section to make your passwords hard to crack.

When You Store Sensitive Data in Contacts on Your Phone

Contact apps store phone numbers, home addresses, email addresses, and birthdays. Information stored in our phone and contacts are protected by our mobile operating systems.

However, due to data syncing to cloud servers and other linked applications using this information, it's possible that contact information can be distributed elsewhere. Therefore, it's not a good idea to store your mom's credit card information or your friend's home security code in the "Notes" section of their contact page.

In a nod to the data privacy concerns that arise with phone contacts, the Freedom of the Press Foundation encourages journalists to protect their sources by securing their online address books. The organization points out that hackers may get access to any of the sensitive data you store on your phone when it backs up to the cloud.

You shouldn't try to hide your own sensitive information in Contacts, either. Work on memorizing your social security number instead of disguising it as a phone number under "Steven St. Nicholas."

Phishing Attacks

Phishing is a hacking method in which fraudulent emails, websites, texts ("smishing"), and other forms of electronic communication obtain sensitive information like usernames, passwords, and credit card details. The FBI Internet Crime Complaint Center (IC3) reported phishing was the most common cybercrime in 2021, with 323,972 victims that year and over $44 million in losses.

Young people often start handling their own finances for the first time in college, taking on the responsibilities of credit cards, loans, and bank accounts. This abundance of sensitive data, combined with inexperience, makes college students an ideal target for phishing attacks. Cybersecurity awareness is the best way to keep yourself safe.

When You Follow a Fake Link or Reply to a Fake Email

Phishing emails are a tried-and-true method for hackers to obtain personal or private information. In 2021, phishers targeted U.S. universities by sending emails that tricked recipients into submitting their Microsoft Office 365 credentials on a fake online portal.

More recently, since the Biden administration opened the application for student loan forgiveness, college students have been the target of student loan debt relief phishing scams.

These emails claim to be able to put applicants in the front of the line and then ask for payment or personal details like your credit card information or bank account number.

Phishing emails typically appear to come from trusted senders and request that you verify banking details, login credentials, or credit card information. These emails may feature the same layout, color scheme, and language of the real entity, and may link to a site specifically designed to spoof the real thing.

Recognize and avoid phishers with the following tips:

  • It's a good rule of thumb to distrust every piece of email that lands in your inbox. Double check the email address of the sender for phishing giveaways like a wrong domain or contain misspellings.
  • Phishing emails often create a false sense of urgency, hoping recipients will ignore the warning signs and engage without thinking. Watch out for emotional messages concerning account suspension, money owed, or limited-time offers.
  • These days, most legitimate emails address recipients by name. Be suspicious of impersonal, generic greetings, like "Dear user," or "Dear valued customer."
  • If the email includes a link, study the URL carefully. Look for that secure "HTTPS." Rather than clicking the embedded email link, which can immediately give hackers information, independently type the address into your browser to see where it takes you.
  • Make it more difficult for phishers to get into your account by setting up multi-factor authentication.

When You Open an Infected Attachment

Fake emails with infected attachments are a common phishing scam. In some cases, these attachments may be perfectly harmless, but many contain malware and other nasty features, activated with just a click. Using these tools, phishers can steal sensitive information, demand a ransom for the safe return of your data, or even remotely take over your device.

For example, a 2022 phishing scam targeting Microsoft Windows users tricked email recipients into downloading a Microsoft Excel attachment that delivers three types of malware. Students received several such emails a week, often with suspicious attachments that they should be careful not to open.

Millions of people received an email containing dangerous coronavirus malware in 2020, including 10% of all organizations in Italy. The email got people to inadvertently install a trojan downloader that allowed hackers to steal their private data and spy on them.

Review these tips before opening an email attachment:

  • Treat email attachments with care. Never open one unless you can verify the sender and are expecting the attachment in question. Remember that even trusted email addresses can inadvertently send infected attachments if they've been compromised.
  • Avoid downloading and installing software sent to you via email. Instead, visit the manufacturer's site for a download.
  • Verify anything unusual. Double check with the sender before opening an attachment.
  • If an email seems "off" to you, do a quick Google search to see if similar phishing scams have been reported.
  • If you think you opened a harmful attachment, try updating your computer's security software, running a scan, and removing anything it identifies as a security issue.

When You Answer a Suspicious Phone Call

College students love texting and social media, but sometimes we still need to pick up the phone for an old-fashioned call. Phone scams are a popular tactic of phishers looking for financial information, largely because they are proven to work.

For example, robocalls cost Americans over $29 billion in 2021, according to Connecticut Attorney General, William Tong. In 2022, an international master's student in Canada lost nearly $11,000 to phone scammers who falsely threatened her with deportation for supposed criminal activity, reports CBC.

Recently, major mobile carriers, including T-Mobile, AT&T, and Sprint introduced scam protection features to help fight phishing calls.

You can see this in action when your caller ID labels an incoming number as "scam likely" or "potential fraud." This screening feature checks callers against a database of reported scam numbers.

Unfortunately, some phishing calls still slip through. Watch out for scams related to scholarships and financial aid, employment, and student loan debt relief.

Protect yourself from suspicious calls with these tips:

  • Distrust unusual callers, especially those who use an "unknown number" ID. Let your voicemail take care of things. Remember that caller IDs can also be spoofed.
  • Never give out your personal or financial data to someone who calls you. Legitimate university offices will not insist on wire transfers, payment by gift card, or immediate payments over the phone. Government agencies like the IRS never cold call citizens.
  • If a suspicious caller claims to represent your university, hang up and call the school directly to confirm and follow up.
  • If you get a call accusing you of a crime and demanding money, hang up. Call the official number for the organization the caller says they represent to find out if the call is legitimate.
  • If you think you may be the victim of a phone scam, contact your local police to report it immediately.

When You Follow a Malware Link in a Text

Many phishing attempts depend on tricking the recipient into providing sensitive information. But, more malicious phishing texts can contain links to malwareDouble-check your activity, data, and files without your knowledge.

According to a RoboKiller report, over 58 billion spam text messages led to a loss of $10 billion for Americans in 2021.

In recent years, hackers have targeted both Apple and Android devices. Once discovered, manufacturers quickly develop software patches that address vulnerabilities and close security loopholes.

To protect your device from malware:

  • Avoid clicking on links in text messages. Be suspicious of shortened URLs like bit.ly addresses, which hackers may use to hide a link's true destination.
  • Do not reply to suspicious texts from companies about your account. Verify the company's phone number before calling them, as spam text messages will often provide a fraudulent phone number.
  • Keep your phone's software updated to address any security vulnerabilities. Turn on automatic updates when possible.
  • If you suspect your device is infected with malware, report the issue to the manufacturer. Forward suspected spam messages to 7726 — a spam reporting service recommended by the Federal Trade Commission (FTC).

Social Media Dangers

About 7-in-10 Americans use social media, reports the Pew Research Center. According to their 2021 survey, 76% of 18- to 29-year-olds used Instagram, 75% used Snapchat, and 55% used TikTok.

We use social media to stay in touch with new and old friends, entertain ourselves, and explore identities. However, social media use may be linked to anxiety and depression, according to a 2021 Social Science Research Network paper. College students may also experience harassment and cyberbullying or fall victim to online scams.

When You’re Harassed, Bullied, or Stalked on Social Media

A 2021 Pew Research Center survey found that about 4-in-10 Americans experienced online harassment, including anything from offensive name-calling and purposeful embarrassment to stalking and physical threats. Even more disturbingly, 64% of U.S. adults under 30 experienced online harassment.

Cyberbullying poses a real danger to victims' mental and emotional health. In extreme cases, online harassment and stalking can threaten your physical safety and security. To protect yourself against cyberbullies, consider the following tips:

  • Refrain from posting personal information on public-facing social media, including your phone number, home address, location, or school's name. Consider making all your accounts private and only accepting invitations from people you know.
  • Be cautious about posting photos that could allow strangers to identify your location. Disable geotagging or location services on all social media platforms.
  • Use strong passwords for your social media accounts to keep your info safe. Strong passwords are typically 14-16 characters and include a combination of letters, numbers, and symbols.
  • Frequently check the security settings of your social media accounts.
  • Avoid sharing details about when you'll be away from home. Burglars may use this information to target your unoccupied residence.
  • If you use a public computer, log out of all accounts when you are done.

If you become the target of cyberbullying or harassment:

  • Don't respond to cyberbullies or forward their messages.
  • Use social media features to cut off the perpetrator. This may include blocking the user, limiting who can view your posts, or increasing your account's privacy settings. In extreme cases, consider deleting your account completely.
  • Document the issue by taking screenshots, recording phone calls, and saving emails, texts, and voice messages.
  • Report cyberbullying to the social media provider, law enforcement, and your school.
  • Consider contacting your school's counseling center or a crisis helpline.

When You're Hacked Through a Social Media Post

Hackers attack every 39 seconds for an average of 2,244 attacks per day, reports Security Magazine. Phishers and hackers commonly use spoofed accounts, hacked accounts, and fake pages to send and share malicious links disguised as surprising or enticing videos, prizes or awards, or advertisements.

Malware ads include links that may lead to fake Facebook sign-in pages asking you to verify your credentials, other websites asking for personal information, or sites with drive-by download links. These sites automatically download malware to your device and potentially steal data without your knowledge.

Hackers can easily identify your interests and tailor messages, posts, and scams accordingly. They may hijack accounts or create imitations to make you think you're talking to your best friend or sibling. Always stay alert and suspicious.

We all want to know what Disney character our profile picture most resembles. Still, the Better Business Bureau recommends avoiding Facebook polls and quizzes that require you to give random sites permission to access your account information. You never know where your information might end up.

When it comes to social media, the old adage applies: "If it seems too good to be true, it probably is." No one will give you a free car if you like and share a post.

When You're Scammed by a Social Media Connection

Students can be scammed – intentionally or not — by their social media connections. In 2021, Murray State College in Tishomingo, Oklahoma announced that scammers targeted students with fake social media pages using the National Junior College Athletic Association's logo. These fake pages claimed to stream the school's athletic events in exchange for students' credit card numbers.

Cybercriminals can take advantage of students trying to save money by making financial promises that are too good to be true. Scammers might pretend to be fellow classmates, professors, alumni, or even employees at the financial aid office. Review some tips to protect yourself from social media scams:

  • Look out for fake online personas or spoofed accounts. Do not provide any personal information before you verify the identity of your social media connection.
  • Don't believe claims that are too good to be true. If you receive offers of financial assistance, look at them carefully and verify their legitimacy.
  • Most scholarships and other forms of financial assistance do not ask for processing or application fees. Consider this a red flag.

When You're the Subject of Non-Consensual Pornography

Broadly defined, non-consensual pornography is the distribution of private, intimate, or sexually explicit images and videos without consent. Also called "revenge porn," nonconsensual pornography is usually shared by the victim's ex-partner, often as a way to "get back" at the victim for perceived wrongdoing after a fight or break up.

Personal photos may also be obtained and shared by hackers. According to a 2020 study by the American Psychological Association, 1-in-12 Americans reported being the victims of revenge porn at least once in their lifetime.

As of 2022, 42 states and Washington, DC have specific laws on the books concerning the distribution of revenge porn. Potential penalties vary from misdemeanors to felonies, with consequences including probation, fines, and/or imprisonment.

  • The only way to entirely protect yourself from nonconsensual pornography is by not taking or sharing intimate photos, even with a trusted partner.
  • If you do take intimate photos, store them in an encrypted, password-protected folder on your computer, never in cloud storage. Remember that apps like Snapchat or Instagram can be hacked and monitored remotely.
  • If you become a victim of nonconsensual pornography, document and report it to the social media provider and campus police. Consider reaching out to your school's counseling center or the Cyber Civil Rights Initiative’s crisis hotline at 844-878-CCRI (2274).

Campus Thefts and Scams

If you attend a traditional on-campus academic program, you need to consider more than just basic internet safety. There are other cybersecurity risks to consider when living, working, and studying on a busy college campus. This includes the physical security of your digital devices, the risks of using public computers, and the potential to get hacked on campus.

When You Don’t Secure Your Laptop or Cellphone

It takes only seconds for a thief to swipe your smartphone, tablet, or laptop while you take a bathroom break or grab a coffee.

Losing your device could mean losing access to items stored on that device. You would also need to protect your personal information, report the crime to campus police, and spend hundreds of dollars on a replacement. College is hard enough without those hassles.

Follow these tips to keep your devices safe:

  • Never leave your laptop or other devices unattended in a public place or in your car (even if it's out of sight).
  • Always lock your dorm room or apartment when you leave, even if you only plan to be gone for a few minutes.
  • Invest in a laptop cable lock. Use it in public spaces to help keep your laptop secure.
  • Register your laptop and phone with the campus security office. The brand, model, and serial number are attached to your name, student ID, and contact information. You might also receive a registration sticker on your device, which can act as a deterrent for thieves.
  • Enable your devices' built-in tracking features, such as Apple's "Find My" app, or download a comparable program like Prey or Absolute.
  • Regularly backup your devices and files to a cloud storage system and/or external hard drive. This ensures you always have access to what you need and allows you to remotely erase your devices if stolen.
  • Do not leave sensitive information on your laptop, like credit card numbers or passwords.

When You Pick Up an Infected Device on Campus

Do not plug in unknown USBs, laptops, or cell phones into your personal devices.

Although some students now store most of their work in the cloud, USB devices are still popular places to save projects and assignments. USBs can contain malware, so putting one into your laptop could have serious consequences.

  • Distrust any device you find on campus, whether a USB drive, laptop, or cell phone.
  • Do not plug any unknown devices into your computer in an attempt to identify the owner. Take them to your school's lost and found center or IT department.
  • To avoid the risk of infecting devices, avoid sharing USB drives with others, and be cautious when plugging them into public computers. Use security software to scan any device given to you even by a trusted friend.

When You Use a Communal Workstation

According to a 2018 EDUCAUSE survey, about 9% of college students did not have access to a laptop. These students sometimes use their smartphones for school but rely on computer labs, library desktops, and other communal workstations to complete assignments.

Even students who own their own devices may rely on campus computers to stay connected, complete research, or do homework in a designated quiet area.

When the COVID-19 pandemic shifted most learning online, the option to work in a computer lab disappeared. In response, many universities began giving or loaning laptops to their students to increase equitable access to devices. Still, a personal laptop is not a guarantee at every school.

Schools offer protected networks to keep students safe from some cyberthreats, but communal workstations are not entirely without risk. They may expose you to malicious software, infected files, malware, or keyloggers.

  • When possible, avoid logging into websites when using public computers. If you need to log in, don't forget to log out before leaving.
  • Never use a public computer to complete a financial transaction, download software, or visit sketchy websites.
  • Use private browsing options or clear your browsing data before logging off.
  • Be aware of your surroundings. Shoulder surfers may try to snag usernames, passwords, and other sensitive information.

Travel and Off-Campus Data Security Threats

College campuses have protected Wi-Fi networks to keep your data safe, but take extra precautions when you travel off campus for vacation, field trips, or a study session at Starbucks.

Hackers and other cybercriminals take advantage of public locations because these areas typically provide lax cybersecurity protections, many unsuspecting victims, and relative anonymity.

When You're Hacked Via Free Wi-Fi

Many don't understand the dangers of using free Wi-Fi. We rely on the internet for countless daily personal and professional tasks.

Businesses and other public places know this and often use it to their advantage, offering Wi-Fi connections to attract customers and keep them happy. You can access free Wi-Fi connections in nearly every fast food restaurant, roadside hotel, and airport terminal.

Unfortunately, public Wi-Fi is not secure. Convenient connections can hide countless dangers. With free and inexpensive software, cybercriminals can easily snoop on public internet connections, intercept communications, and steal user data. Learn how to safely use public Wi-Fi networks with the tips below.

  • Know when and where you're connecting by disabling your devices' ability to connect automatically to nearby Wi-Fi.
  • Verify the legitimacy of a network before you connect. Hackers may set up their own Wi-Fi connections near trusted businesses to trick unsuspecting users into logging on.
  • Avoid using public Wi-Fi to shop online, access financial information, or visit sensitive websites. Enable two-factor authentication to protect your social media and email accounts.
  • Use a free or paid virtual private network (VPN) service to encrypt your data.
  • Avoid the pitfalls of public Wi-Fi by simply not using it. Consider an unlimited mobile data plan or a portable travel router.
  • Don't ignore security warnings from your web browser about potentially dangerous websites or programs.

Internet Safety and Cybersecurity Resources for Students

The cybersecurity resources below can help you get a handle on internet safety while in school.

Internet Safety Groups and Resources

  • The Federal Trade Commission's Online Privacy and Security website explains how to protect your devices and avoid online scams. Resources include explainers on protecting your computer from malware, what to know about romance scams, and how to secure your voice assistant.
  • The National Cybersecurity Alliance aims to empower a more secure, interconnected world through education and amplification of cybersecurity awareness. NCSA's website offers resources for online safety, identity theft, account and device security, and privacy management. The site also refers visitors to more than a dozen free security checkups and tools.
  • Stop. Think. Connect. is a global online safety awareness campaign led by NCSA, the Anti-Phishing Working Group, and the U.S. Department of Homeland Security. The campaign's site offers helpful basic safety advice. Users can also access targeted cybersecurity tips, including considerations for LGBTQ online safety, digital wedding planning, and online holiday shopping.

Advocacy and Support Groups for Online Victims

  • The Cyber Civil Rights Initiative (CCRI) is a nonprofit organization advocating for technological, social, and legal innovation in the fight against online abuse. CCRI primarily focuses on nonconsensual pornography, offering a 24/7 crisis helpline and links to resources for reporting, removal, and legal assistance.
  • Without My Consent is a project headed by the CCRI to empower individuals to understand and stand up for their online privacy rights. The site's extensive resources cover practical topics, including evidence preservation, copyright registration, takedown notices, and emotional support.
  • The Cybercrime Support Network is a nonprofit group that helps individuals and small businesses impacted by cybercrime. The organization also runs ScamSpotter.org, a website with information to help people avoid internet scams.

Reporting a Cybersecurity Issue on Social Media or Email

Reporting a Cybersecurity Issue or Crime to the Government

  • The FBI Internet Crime Complaint Center (IC3) allows victims of internet crime to file a complaint. The IC3 does not conduct its own investigations. Rather, it reviews submitted information and, when appropriate, forwards it to federal, state, local, or international agencies with jurisdiction. The site also offers tips for internet crime prevention.
  • IdentityTheft.gov is the federal government's one-stop resource for identity theft victims. The site offers extensive resources and tools to help you avoid, recognize, report, and recover from identity theft.
  • The IRS will never contact you by email, text, phone call, or social media to request personal or financial information like PINs and passwords. If you receive unsolicited or suspicious contact from someone claiming to be from the IRS, report the incident to the Treasury Inspector General for Tax Administration and phishing@irs.gov. Learn more about phishing on the IRS website.

Campus Resources

  • Your school's information technology office can help you recover data from a hacked device, provide free security software such as VPNs and antivirus programs, and offer tips and tutorials for cybersecurity awareness and internet safety. Online students may not be able to visit the technology services office in person, but nearly every school offers some level of remote tech support. Always report issues, like phishing emails sent to your school email, to this office.
  • Campus police and campus safety departments are in place to protect students, staff, and campus facilities. If you become a victim of cyberbullying, online harassment, or stalking, file a report with campus police. Make sure to supply documentation as evidence, including screenshots, emails, or text messages. Campus safety officers will respond to your allegations and provide tips to protect your digital and physical safety.
  • If you face online harassment or cyberbullying, it's important to reach out for emotional support. Student counseling services offer basic services from trained and licensed mental health professionals. Students located on campus can take advantage of one-on-one counseling or group counseling. Many schools also offer online and phone counseling options for students who can't come to campus.
  • Your school's online student services department can direct you to the right resources if you're an online student.

Additional Resources

Cybersecurity Resources for Professionals and Students

Cybersecurity Resources for Professionals and Students

Cybersecurity Resources for Underrepresented Populations

Cybersecurity Resources for Underrepresented Populations

Internet Safety Tips While Working From Home

Internet Safety Tips While Working From Home

Cybersecurity Resources on CyberDegrees.org

Cybersecurity Resources on CyberDegrees.org

FAQ About Internet Awareness and Cybersecurity for Students

  • How can students protect themselves online?

    College students can protect themselves online by creating strong passwords, keeping their devices' software up-to-date, and limiting risky behaviors like oversharing personal information and downloading software from unverified sources.

  • What is digital safety?

    Digital safety is another term for internet safety. It includes cybersecurity awareness, methods, and behaviors to reduce cybersecurity risks that can impact your private information, property, and personal well-being.

  • How can you be safe on social media?

    To stay safe on social media, college students should frequently evaluate their privacy and security settings, avoid accepting friend requests from strangers, and carefully consider what they choose to reveal in status updates or photos.

  • What are five internet safety tips for students?

    Create strong, unique passwords for all of your online accounts. Avoid using free Wi-Fi. Do not visit unsecure websites. Install new updates regularly. Keep your social media accounts private.

  • Why is cybersecurity important for students?

    Students spend a lot of their time online, and cyberattacks are increasing. Students who do not take cybersecurity seriously can open themselves up to hacking, identity theft, malware, and scams.


Page last reviewed on Dec 9, 2022

Recommended Reading

Take the next step toward your future.

Discover programs you’re interested in and take charge of your education.