Hello, York University! With Spring already here and summer fast approaching, you may be spending more time outdoors. Cybersecurity threats are year-round, however, so take a minute to read!

During March, York University's Cybersecurity department has uncovered a scammer's attempt to steal money from an employee. The scammer in question was able to log in to the employee's York University account, change the direct deposit address, and direct all further payments to him. The account was swiftly locked down after the employee in question informed York University administration they have not received their pay for the period, and shortly after the employee received their deserved pay. But how could the scammer know the employee's password?

It's simple. The same password was used by the employee on a different website.

Websites are occasionally breached. When that happens, many malevolent users can get their hands on sensitive user information, such as passwords. This type of breach can be dangerous when the website in question is used to store large amounts of personal information, like a bank or an email service.

Make sure you remember to always use different passwords for different websites. Using seperate password strengthens the security of your online presence, and ensures hackers cannot access other accounts if one gets breached. Keeping track of each separate password doesn't have to be difficult, either. A good password manager software can store an encrypted version of your passwords, so that they are only used when needed by the actual user.

Enjoy the great weather! And remember:

Stay safe. Stay secure.