Security
Beware of Phishing Emails
For all messages that arrive in your University inbox, don’t hesitate to question their validity, particularly if they look suspicious to you. Spammers and phishers are constantly operating to catch you off guard and take advantage of your email account or other possessions you share with them (e.g. credentials, credit card numbers, gift card numbers).
If you find messages in your inbox:
- Offering a job that will cover part or the full amount of your tuition
- Offering a job to work with someone at the University who you never met nor interviewed with
- Offering a job to work from home but requiring that you put up money upfront to get started
- Offering a job where they will send you money upfront but then need more information to get that money to you
- Offering a job for a professor who is out of the country and needs you to run errands around the University
or using pressure tactics to force you to respond such as:
- Stating that something will happen to your account at your request (when you never made such a request like “we received your request to close down your account, click here”)
- Threatening you that your University account may be closed
- Stating they have video of you through your camera and that you need to make a crypto or gift card payment to clear things up
- Stating they have control of your computer and require payment to return control to you
- Stating they will share your secrets with your address book
- Stating mail will stop coming in if you don’t respond
- Stating all your old emails will be removed if you don’t respond
- Stating your account will be deleted if you don’t respond
- Stating you must do something with your account within a short period
- or something along those lines from ITS, the Help Desk, the HR department, the President, your Dean, someone you know, or someone you don’t know
Know those messages are completely false and you should not respond.
Take action against the scammers and delete the message!
Don’t click on the links in such messages.
If you question whether a message is legitimate, you are welcome to forward the message to helpdesk@udmercy.edu for a response.
If you see a lot of rejected email messages in your inbox that you did not send, the University strongly suggests you:
- change your password
- change your security questions and answers
- verify your email is not being auto-forwarded to another account
- change all other sites where you might use the same combination of email address and password
If you already mistakenly fell for one of these messages and you still have access to your email account, please log in and:
- change your password
- change your security questions and answers
- verify your email is not being auto-forwarded to another account
- change all other sites where you might use the same combination of email address and password
If you have already mistakenly fallen for one of these messages and you do not have access to your email account, you will need to contact the Help Desk to arrange for Microsoft to clear your account. Microsoft generally takes 24-72 hours to clear compromised accounts during which time you do not have access to your account and cannot send or receive email messages. This means you will not be able to access Blackboard while waiting for the account to clear.
If you would like to add a deeper level of security to your email account, ITS would be glad to turn two-factor authentication on by request. All employees at the University use two-factor authentication and we will be turning this on soon for all students as well. Users that fall for these scams will automatically have it turned on.
Security Measures
-
Multi-Factor Authentication
As part of Detroit Mercy's ongoing commitment to provide the tools needed to work efficiently and safely, we are implementing a new feature for all Office 365 accounts: Multi-Factor Authentication (MFA).
Multi-Factor Authentication (MFA) adds an extra layer of security to your Office 365 account. After you enter your password, you will be asked to provide a second factor of authentication from the following:- Microsoft Authenticator app (a push notification or a verification code) – Recommended
- Text code to an authentication phone number
- Voice call to an authentication phone number
The following video explains how to setup MFA on your account for the first time. Step-by-step written instructions on setting up Microsoft Authenticator are provided below.
Step 1: Install the Microsoft Authenticator app
- Install the Microsoft Authenticator app from the Apple app store or Google play store.
- On your laptop or desktop, visit https://aka.ms/mysecurityinfo
- Select “Add Method” >> “Authenticator app”
- Follow the setup instructions.
- Use the Microsoft Authenticator app on your phone or tablet to scan the QR Code on the screen.
- Visit https://aka.ms/mysecurityinfo
- Select “Add Method” >> “Phone”
- Enter your text capable phone number.
- Select “Text me a code”
- Follow the setup instructions.
- Visit https://aka.ms/mysecurityinfo
- Select “Default sign-in method” >> “Change” >> “Authenticator – notification”
-
Anti-Virus Software for Students Living in Campus Residence Halls
Each year, the University provides free commercial anti-virus protection to current students living in the campus residence halls.
During Freshman move-in, the Help Desk will provide a one-year McAfee Anti-Virus license for installation.
Resident students who need to pick up their license after the freshman move-in date may do so by bringing their University identification card and residence proximity card to the Help Desk in Fisher 230. The Help Desk staff will verify the student's name and room location and, then, will install and configure McAfee.
A student who already owns a licensed copy of an anti-virus product will likely not need the University license. Students who have only a trial license installed on their computer are ideal candidates for the University licensed installation.
Please note that all users should never install more than one anti-virus protection application. Multiple anti-virus protection applications on one computer will typically compete against each other resulting in a very slow computer. Only one anti-virus product that is updated daily is necessary.
The ITS department is unable to provide virus protection for non-Windows computers.
-
Security Policies
A number of policies exist covering Information Technology security. These policies can be read on the Policies page.