News & Events

In this Section

Orange Online: July 2025 Student Newsletter

This message was originally shared to all students via email on July 10, 2025.

Orange Online at a Glance

Each month, Information Technology Services provides tech tips for the Orange community. Pressed for time? Here are this edition’s topics:

Notes from the CISO’s Desk

Cybersecurity at Syracuse is a shared responsibility. Whether you’re faculty, staff or a student, your actions—like using strong passwords, spotting phishing attempts and reporting suspicious activity—help protect our digital campus. It’s not just about tech; it’s about people. Stay vigilant, ask questions and be part of the solution. More.

Information Security Tip: Don’t Take the Bait

Cybercriminals target universities with convincing scam emails posing as trusted contacts. Learn how to spot red flags like urgent language, unfamiliar senders and mismatched links. A recent University phishing test showed 36% clicked a fake link—don’t be one of them! Review tips and report suspicious emails today. Learn More.

Phishing: The Digital Confidence Scam

Phishing emails mimic urgency and authority to make you click before you think—posing as banks, IT, even coworkers. But taking a moment to pause, verify and report makes all the difference. You’re not just avoiding a scam—you’re strengthening our campus cybersecurity. Learn More.

“Hacking Humans” Podcast Highlight

The “Hacking Humans” podcast covers the latest social engineering scams and phishing tricks. Hear stories of scammers using fake E-ZPass alerts, AI-generated get-rich-quick schemes and a $800K gold bar fraud. Tune in for real-world examples to help you stay sharp and secure. Podcast.

Digital Accessibility Tip: Enable Auto-Captions

Many mobile devices can generate automated real-time captions across all apps. To enable captions, on both iOS and Android, go to Settings > Accessibility > Hearing > Live Captions and activate the toggle for “Live Captions.” More Tips.

Interactive Campus Map

Explore our comprehensive campus map at maps.syracuse.edu, where you can sort locations by type (buidings, parking, etc.). Click “Wayfinding” and select “Show Only Wheelchair Accessible Routes” to find wheelchair-friendly paths. Maps. 

Helpful Resources

ITS and the campuswide information technology community are available year-round to help with your tech questions. Resources include:

Thank you for reading. Go Orange!

Tech Tips: July 2025 Faculty/Staff Newsletter

This message was originally shared to all faculty and staff via email on July 10, 2025.

At a Glance

Each month, Information Technology Services provides tech tips for the Orange community. Pressed for time? Here are this edition’s topics:

Continue Reading

Phishing: The Digital Confidence Scam That Plays on Your Emotions

Imagine this: You receive an email that looks super official. It’s from your bank (or so it says), and it’s warning you about “suspicious activity.” Your heart jumps. Your palms are sweaty. You click the link.  

Boom.  

That is phishing in action.  

Phishing is the 21st-century cousin of the old-school confidence scam. You know, like the smooth-talking trickster who sweet-talked people out of their cash with charm and lies? Same strategy, just digitized.  

It’s Not Just Tech, It’s Psychology Phishers don’t need to hack your computer when they can hack you. These digital con artists exploit your trust, fear, curiosity, urgency, and even greed. It’s not about code; it’s about emotions.  

  • Trust: “This looks like it’s from IT, I better take it seriously.”  
  • Fear: “If I don’t respond, I might lose access!”  
  • Urgency: “They said my account will be locked in 10 minutes?!”  
  • Curiosity: “What’s this invoice for? I better open it.”  
  • Greed: “Hey! I won a free gift card!”  

Phishing works because it feels personal. It’s designed to make you react before you think. That split second of emotional hijack is all the bad guys need.  

You’re Not Dumb, You’re Human Falling for a phish doesn’t mean you’re gullible. It means you’re human. And guess what? Phishers count on that. The more you care about doing the right thing, staying secure, or responding quickly, the more likely you are to be targeted.  

So, What Can You Do? Start thinking like a skeptic. Treat every unexpected message like a stranger at your front door trying to sell you a deal that’s too good to be real.  

Pause. Breathe. Don’t react emotionally. 

Check the sender. Hover over links.  

Ask: Does this seem just a little too urgent, scary, or good to be true? 

 

Be the Plot Twist Phishers are counting on you to play your role in their scam. Flip the script. Be the person who doesn’t fall for the trap. Be the plot twist that ruins their day.  

Because when you sniff out a phishing email and report it, you’re not just protecting yourself. You’re protecting everyone around you. That makes you a cybersecurity A-lister that’s building a strong cybersecurity culture on campus.  

Phishing: The Digital Confidence Scam That Plays on Your Emotions 

Imagine this: You receive an email that looks super official. It's from your bank (or so it says), and it's warning you about "suspicious activity." Your heart jumps. Your palms are sweaty. You click the link.

Boom.

That is phishing in action.

Phishing is the 21st-century cousin of the old-school confidence scam. You know, like the smooth-talking trickster who sweet-talked people out of their cash with charm and lies? Same strategy, just digitized.

It's Not Just Tech, It's Psychology

Phishers don’t need to hack your computer when they can hack you. These digital con artists exploit your trust, fear, curiosity, urgency, and even greed. It’s not about code; it’s about emotions.

Trust: "This looks like it’s from IT, I better take it seriously."
Fear: "If I don’t respond, I might lose access!"
Urgency: "They said my account will be locked in 10 minutes?!"
Curiosity: "What’s this invoice for? I better open it."
Greed: "Hey! I won a free gift card!"

Phishing works because it feels personal. It's designed to make you react before you think. That split second of emotional hijack is all the bad guys need.

You're Not Dumb, You're Human

Falling for a phish doesn't mean you're gullible. It means you're human. And guess what? Phishers count on that. The more you care about doing the right thing, staying secure, or responding quickly, the more likely you are to be targeted.

So, What Can You Do?

Start thinking like a skeptic. Treat every unexpected message like a stranger at your front door trying to sell you a deal that’s too good to be real.

Pause. Breathe. Don't react emotionally.

Check the sender. Hover over links.

Ask: Does this seem just a little too urgent, scary, or good to be true?

Be the Plot Twist

Phishers are counting on you to play your role in their scam. Flip the script. Be the person who doesn’t fall for the trap. Be the plot twist that ruins their day.

Because when you sniff out a phishing email and report it, you're not just protecting yourself. You're protecting everyone around you. That makes you a cybersecurity A-lister that’s building a strong cybersecurity culture on campus.

Phishing Alert: Do Not Take the Bait 

Phishing emails continue to be one of the most effective cyberattacks targeting universities. These fraudulent messages often appear to come from trusted sources—professors, IT staff, or campus departments. Still, their goal is to trick you into giving up login credentials, downloading malware, or clicking on malicious links.  

This month’s Information Security Tip focuses on how to spot phishing attempts and what to do if you suspect something suspicious. 
 

Spot a Phish: What to Look For 

  • Urgent or time-sensitive language (e.g., “Your account will be locked!”)  
  • Strange senders or unfamiliar email domains  
  • Unexpected attachments or vague shared documents  
  • Links that do not match the sender or stated purpose.  

Tip: Hover over links to preview the URL. Never enter your SU NetID and password unless you are sure the page is legitimate. 
 

Campus Phishing Example 

Recently, ITS ran a phishing simulation, and 36% of recipients clicked the link in the email. While the message appeared to be a Google Sheet shared by a campus leader, there were several signs that it was suspicious: 

  1. Misspelled sender domain: The email came from @widnows.net, which is not a legitimate Google domain. 
  1. Mismatched link: The document link didn’t direct to a Google service. 
  1. Suspicious footer: The email referenced a cyber academy unrelated to Syracuse University, suggesting the sender wasn’t who they claimed to be. 
  1. Lack of context: Recipients should have asked themselves, was I expecting this kind of document from this person? 

This simulation highlights the importance of slowing down and checking for small details that can signal a phishing attempt. 

Review SU’s phishing awareness resources: Phishing and Suspicious Email
 

Report Suspected Phishing Emails 

Use the Report Phishing tool in Microsoft Outlook to report suspected phishing emails or contact the ITS Service Center for assistance, 315-443-2677.