Staying Cybersafe

Essential tips for staying cybersafe amid rising threats
At home. Abroad. At UCalgary.

Cyberbullying, online harassment, phishing, fraud and other cybercrime are on the rise. The invention of ChatGPT and other AI are helping to make these crimes more sophisticated and increasingly harder to spot. Cybercriminals are frequently targeting large organizations like universities and using phishing, ransomware and social engineering to steal money and ruin reputations.

The best defence against cybercrime is education – when you have the knowledge and tools to be an active participant in your own digital safety. The more you know the better able you will be to reduce opportunities for criminals to exploit digital vulnerabilities. Protecting your digital identity starts with good digital privacy practices which include things like keeping your devices patched and software up to date, maintaining password best practices, creating regular backups and being aware of what you are sharing online and with whom. Make these practices a regular part of your routine whether you are at home, on campus, or while you’re travelling.

Staying Safe in a Changing Digital Environment

Watch a recording of our webinar 'Staying Safe in a Changing Digital Environment' on social media and youth mental health, privacy protection and cybercrime presented by Calgary Police Services.

Watch Recording

Be mindful of Holiday shopping scams

Some online and social media advertisements pretend to be from legitimate sources when they are actually scams looking to steal your information. Ensure gift cards are legitimate and don't have exceptions, rules or fees. Research charities before donating and watch for fake vacation rentals.

Cyberbullying - The sending, posting, or sharing of negative, harmful, false, or mean content about another person. It can include sharing personal or private information that can embarrass or humiliate. Many cyberbullying activities can have legal and criminal consequences. Learn more from the Government of Canada.

Cyberstalking - A form of cyberbullying where there is repeated and deliberate use of the Internet and electronic communication tools to frighten, intimidate or harass someone.
Online Harassment - A form of cyberbullying where there is threatening behaviour or unwanted advances using the internet.
Doxing - Doxing or doxxing is the Internet-based practice of researching and broadcasting private or identifying information about an individual or organization. The methods employed to acquire this information include searching publicly available databases and social media websites, hacking and social engineering.
Swatting - Swatting is the dangerous and illegal act of reporting a false crime or emergency to evoke an aggressive response form a law enforcement agency (such as a SWAT team), to a targeted location. Examples include hostage situations or active shooters.

Two Individuals looking at computer screen

Phishing - Phishing is an impersonation of a person, corporation or other trusted institution with the intent to extract passwords or other sensitive information from the victim. It is a criminal activity utilizing social engineering techniques and is usually done through email or instant messaging.

Smishing – Another term for phishing used specifically for activities done over instant messaging.
Vishing – Another term for phishing used specifically for activities done over the phone or through VOIP services.
Quishing – Another term for phishing used specifically for activities using QR codes.
Social Engineering – Manipulating individuals into giving up private/confidential information that is later used to gain access to systems for nefarious purposes including stealing financial information.
Website Spoofing – when a fraudulent website is created to closely resemble a trusted brand/domain to trick that brand’s customers, suppliers, partners and employees to use it instead of the legitimate website. Usually for purposes of stealing login and financial information.

Identity Theft – When cybercriminals steal your identifiable data including your name, driver’s license, social security information, credit card information etc. to commit fraud, steal property, and misappropriate goods or services in your name.
Online Sexploitation/Sextortion – When someone threatens to distribute your private and sensitive material if you don't provide them images of a sexual nature, sexual favours, or money.
Online Scams – the offering of fake services, goods or rewards. Examples include charity fraud, gambling fraud, Ponzi schemes, online ticket fraud, fake gift cards, automotive fraud and fake job ads.

Adware – software that is used to push unwanted advertisements (like popups) to users
Botnets – Large numbers of “robots” used over a “network” to spread malicious files and software, infect systems, steal data etc.
Dialers – call center software that automates the calling process and documents the outcome of the calls.
Exploit Kits – a software toolkit used to take advantage of loopholes and bugs in programs remotely.
Flood Attacks – When botnets are used to target IP addresses and domains with the intent to overwhelm servers with requests so that regular services fail, and legitimate users are unable to connect.

Malware – software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system.
Potentially unwanted programs – software that you never requested/installed but ended up being installed on your device. Usually found bundled with other software you did agree to download. Examples include adware, spyware, dialers and malware.
Ransomware - Ransomware is malware used to deny a user or organization access to files on their computer. This criminal activity is used to extract payment from the user or organization for the safe return of their data.
Spyware – software used to covertly monitor and steal a computer’s data and activities without your knowledge or consent. A type of Malware.

Take cyber awareness training

Education and awareness are key to staying Cybersafe.

UCalgary offers the following cybersecurity courses:

Privacy Training: FOIP General Awareness
Cyber Awareness Training
Software development training: OWASP top 10: LinkedIn Learning
Students have access to a Privacy and Cybersecurity Awareness course on D2L: How to register

Get Cybersafe

Visit our Top 10 Cybersecurity Tips page, enrol in our Privacy and Cybersecurity Awareness course on D2L and in our Cyber Security – IT Introduction to Phishing Course on Enterprise Learning Management. We encourage all members of our campus community to take cybersecurity seriously. Remember to report instances of cyberbullying, online harassment, phishing, and other cybersecurity concerns to UService. Cybersecurity is also one of the five vectors of research security and the Research Security Division is here to help you Safeguard Your Research.

IT is here to support you.

Follow us on Twitter @Ucalgary_IT for ongoing cybersecurity tips. Caught a “phish” and don’t know what to do? If you receive an unusual email and you suspect it is phishing, use the "report" function in Outlook and select "phishing." For more information, please click here. If you’re unsure and want help, visit UService, email IT@ucalgary.ca, reach out through chat at ucalgary.ca/it or call 403.210.9300.

Learn more about how to protect yourself and stay secure online everywhere you go – even when you’re travelling! Visit UCalgary’s Cybersecurity Tips for Travelling website and what services are available for faculty, staff, post-doc and graduate students when travelling internationally. For example, did you know that UCalgary offers a loaner device program so that your personal devices are not at risk while you travel?

UCalgary’s short-term loaner device program allows faculty, staff, post-doc and graduate students to borrow cell phones, laptops and encrypted USBs when travelling internationally for UCalgary purposes. This program is to help protect UCalgary community members from having their private data seized or stolen by foreign governments and helps them to avoid malware introduced on devices through public wireless networks, public computer workstations and charging stations. Contact Research Security for more information or request a travel briefing at researchsecurity@ucalgary.ca.