Cybersecurity 101: How Hackers Target Students and How to Stay Safe

What is phishing? Why is phishing a commonly used tool by hackers?
Phishing is someone trying to trick you into giving away personal information – like passwords or financial details – by pretending to be a trusted source, often through email or text messaging. Phishing usually involves scare tactics like making you think money was taken from your bank account or threatening the removal of your data if you don’t click on a link immediately. Hackers love phishing because it’s easy, cheap, and it works very often. Instead of breaking into systems, they just convince people to hand over their account credentials.

What are some of the biggest cybersecurity threats you are observing?
Phishing emails remain a top threat, but we’re also seeing attacks using stolen passwords, fake GBC login pages, and scams targeting financial aid, tax refunds, student assistance programs, or tuition payments. Ransomware – where hackers encrypt an organization’s data and demand payment – is another ongoing concern.

What should a student do if their account is compromised?
Act fast! Change all affected passwords immediately and enable multi-factor authentication for any of your accounts where you haven’t already. Next, report the incident to the GBC OIT team as soon as possible so we can help secure your account and check for any suspicious activity.

What safeguards should a student employ to protect their account security?
Use strong, unique passwords for every account and turn on multi-factor authentication. Be cautious with links in emails or texts – when in doubt, don’t click. Take time to stop, think, and critically evaluate whether an email, text message, or link may look suspicious. Keep the operating system and apps on your personal devices updated. Beware of free items or money giveaways – if it sounds too good to be true, it probably is. And never share your account credentials with anyone, even if they claim to be from the GBC or your employer.

Are phishing trends becoming more complex in our new age of generative artificial intelligence?
Yes. AI makes phishing emails look much more convincing and personalized, which means spotting them is harder than ever. Always double-check the sender’s address and think twice before clicking on links or downloading attachments.

What’s the goal of a hacker? Your personally identifiable information? Or is it much more than that?
It’s often more than just your name or student ID. Hackers want access to user accounts and email mailboxes, financial data, and even your personal identity for fraud. Sometimes, they target organizational systems to steal confidential data or disrupt operations.

Are there any cybersecurity threats that students should be aware of during their studies?
Yes, many! These can include scholarship scams, fake job offers, fake IT warnings about possible issues with your account or email, fake giveaways from somebody pretending to be connected to GBC, notifications about financial transactions (shopping orders and deliveries, memberships, subscriptions, or other purchases) that you never made, and phishing emails pretending to be from financial aid, HR, or your class instructors. Also, be careful when connecting your personal devices to public Wi-Fi networks – that’s an easy way for attackers to intercept your data.

How do you not worry about these threats at night when you are asleep?
Technological data protection safeguards along with continuous staff education are only one part of the puzzle. Cybersecurity is a shared responsibility, though – students, faculty, and staff all need to stay alert and follow best cybersecurity practices together, which can make a big difference in keeping everybody’s accounts and data safe.