Everyone Plays a Role in Cybersecurity at PLNU
At Point Loma Nazarene University, cybersecurity is everyone's responsibility. One major threat we face is phishing, which involves fake emails designed to trick you into sharing personal information. Quickly identifying and reporting these threats helps keep our University safe.
In 2024, higher education was the most targeted sector globally. Major risks included outdated software, phishing scams, and stolen login credentials. These problems resulted in serious financial and operational issues, including high-profile breaches and increased recovery costs.
Key Statistics
| Category |
Details |
| The average cost of a data breach |
$3.5 million |
| The average cost of recovery from a ransomware attack |
$4.02 million per incident |
| Identified Software/OS Vulnerabilities in 2024 |
47,025 reported |
| Reported Phishing Incidents in 2024 |
1,137 |
| Average Cost of Vendor Invoice Fraud in 2024 |
$219,000 average per case |
| PLNU Impact |
4,550 passwords reset
3,524 breached passwords blocked
1 in 6 login attempts fail |
Top Threats to Watch For
- Unpatched Software: Outdated systems are a major entry point for ransomware.
- Social Engineering: This includes phishing and other tactics to manipulate people.
- Stolen Credentials: Compromised logins are a significant source of breaches.
How PLNU Protects You
We use advanced tools like PhishForward, SpyCloud, and CrashPlan to secure faculty and staff devices.
- 24/7 threat monitoring
- Data is backed up every 15 minutes
- Automatic malware protection and system updates
- Phishing email reporting in Gmail (PhishForward)
- Full disk encryption
- Multi-factor authentication (MFA)
Note: If a potential threat is found, IT will investigate and contact you if necessary. No action beyond reporting with PhishForward is required unless you are notified.
How to Identify a Phishing Email
Phishing emails may look official but aim to deceive you. Watch for these warning signs:
- Unknown senders: Be cautious with unfamiliar names or email addresses.
- Urgent or alarming messages: Phrases like “Act now” or “Account suspended” are common tricks.
- Typos or strange formatting: Odd layouts and grammar mistakes are red flags.
- Unexpected links or attachments: These may lead to fake pages or contain malware.
- Too-good-to-be-true offers: Be skeptical of job offers, free money, or giveaways.
If something seems suspicious, don’t click; report it.
Report Suspicious Emails
Use the PhishForward button in Gmail to easily report suspicious messages. It goes directly to our security team. If PhishForward is not available, please email phishalert@pointloma.edu.
Need help using PhishForward? Follow this guide.
Cybersecurity Best Practices
- Use strong, unique passwords.
- Enable multi-factor authentication (MFA).
- Keep your devices updated regularly.
- Ensure all important files are backed up with a program like CrashPlan.
- Think before clicking links.
- Never share your PLNU login credentials.
Cybersecurity Awareness Month
Last October, PLNU ran a campus-wide cybersecurity awareness campaign. You’ll receive helpful tips, resources, and updates to stay informed throughout the year.
Need Help?