Important Notice
Stay Alert! Cyber criminals are constantly evolving their tactics. Always verify before you trust, think before you click, and report suspicious activities immediately.
Cyber Do's and Don'ts
Do's - Best Practices
- Use Strong Passwords: Create unique passwords with a mix of uppercase, lowercase, numbers, and special characters. Minimum 12 characters recommended.
- Enable Two-Factor Authentication (2FA): Add an extra layer of security to all your important accounts including email and university portals.
- Keep Software Updated: Regularly update your operating system, browsers, and applications to patch security vulnerabilities.
- Verify Email Senders: Always verify the sender's email address before clicking links or downloading attachments.
- Use Secure Networks: Connect to trusted Wi-Fi networks only. Use VPN when accessing public Wi-Fi.
- Back Up Data Regularly: Maintain regular backups of important files on secure cloud storage or external drives.
- Log Out After Use: Always log out from university systems and personal accounts, especially on shared computers.
- Report Suspicious Activity: Immediately report any suspicious emails, messages, or activities to the IT department.
- Use Antivirus Software: Install and maintain updated antivirus and anti-malware software on all devices.
- Verify URLs: Always check website URLs before entering sensitive information. Look for "https://" and the padlock icon.
Don'ts - What to Avoid
- Don't Share Passwords: Never share your passwords, OTPs, or PINs with anyone, including friends or IT support claiming to help.
- Don't Click Suspicious Links: Avoid clicking on links in unsolicited emails, SMS, or social media messages.
- Don't Use Public Computers for Sensitive Work: Avoid accessing banking, email, or university portals on public or shared computers.
- Don't Download from Unknown Sources: Never download software, files, or attachments from untrusted or unknown sources.
- Don't Ignore Security Warnings: Take browser and antivirus warnings seriously. Don't proceed to suspicious websites.
- Don't Save Passwords in Browsers: Avoid saving passwords in web browsers on shared or public computers.
- Don't Post Sensitive Information Online: Never share personal details, ID numbers, or locations publicly on social media.
- Don't Connect Unknown USB Drives: Never plug in USB drives or external devices from unknown sources.
- Don't Fall for "Too Good to Be True" Offers: Be skeptical of lottery wins, free gifts, or schemes promising quick money.
- Don't Disable Security Features: Never turn off firewall, antivirus, or other security features on your devices.
Common Cyber Frauds & Threats
Phishing
Fraudulent emails or messages that appear to be from legitimate sources, attempting to steal login credentials, financial information, or personal data.
Prevention:
- Verify sender's email address
- Don't click suspicious links
- Check for spelling errors
- Hover over links to see actual URL
Malware & Ransomware
Malicious software that can steal data, damage systems, or lock files until a ransom is paid. Often spread through infected attachments or downloads.
Prevention:
- Use updated antivirus software
- Don't download from untrusted sites
- Regular system backups
- Scan all downloads before opening
Identity Theft
Criminals steal personal information (Aadhaar, PAN, bank details) to commit fraud, open accounts, or make unauthorized transactions in your name.
Prevention:
- Don't share ID documents online
- Monitor bank statements regularly
- Use strong, unique passwords
- Enable transaction alerts
Vishing (Voice Phishing)
Phone calls from fraudsters pretending to be bank officials, government agencies, or IT support to extract sensitive information or OTPs.
Prevention:
- Never share OTP or passwords over phone
- Verify caller identity independently
- Don't follow instructions from unknown callers
- Report suspicious calls immediately
Online Shopping Fraud
Fake e-commerce websites or sellers that take payment but never deliver products, or deliver counterfeit/damaged goods.
Prevention:
- Use trusted e-commerce platforms
- Check seller ratings and reviews
- Verify secure payment gateway
- Avoid deals that seem too good to be true
Romance/Dating Scams
Fraudsters create fake profiles on dating apps/social media, build emotional connections, and then ask for money for fake emergencies.
Prevention:
- Be cautious with online relationships
- Never send money to someone you haven't met
- Reverse image search profile pictures
- Be wary of sob stories
Public Wi-Fi Attacks
Hackers intercept data transmitted over unsecured public Wi-Fi networks to steal passwords, financial information, and personal data.
Prevention:
- Use VPN on public networks
- Avoid accessing sensitive accounts
- Turn off auto-connect to Wi-Fi
- Use mobile data for important transactions
Fake Job/Admission Offers
Scammers pose as recruiters or admission officers, demanding payment for fake job offers, admissions, or document processing.
Prevention:
- Verify through official university channels
- Never pay for job offers or admissions
- Check company/institution credentials
- Report suspicious offers to authorities
Phishing Awareness
Warning Signs of Phishing
- Urgent or threatening language ("Account will be closed")
- Requests for personal information via email
- Suspicious sender email addresses
- Poor grammar and spelling mistakes
- Generic greetings ("Dear Customer")
- Mismatched or suspicious URLs
- Unexpected attachments
- Too-good-to-be-true offers
How to Identify Phishing Emails
- Check the sender's email: Hover over the sender's name to see the actual email address. Look for misspellings or unusual domains.
- Verify links before clicking: Hover over links to see the actual URL. Don't click if it looks suspicious or doesn't match the claimed destination.
- Look for generic greetings: Legitimate organizations usually address you by name, not "Dear Customer" or "Dear User".
- Check for urgency: Phishing emails often create false urgency to make you act without thinking.
- Examine attachments carefully: Be wary of unexpected attachments, especially .exe, .zip, or .scr files.
What to Do If You Receive a Phishing Email
- Do NOT click on any links or download attachments
- Do NOT reply to the email
- Do NOT provide any personal information
- Report the email to IT department immediately
- Delete the email after reporting
- If you clicked a link, change your passwords immediately
Password Security Guidelines
Creating Strong Passwords
- Use at least 12-16 characters
- Mix uppercase and lowercase letters
- Include numbers and special characters (!@#$%^&*)
- Use unique passwords for each account
- Consider using passphrases (e.g., "Coffee@Morning2024!")
- Use a password manager to store passwords securely
Password Don'ts
- Don't use personal information (name, birthdate, phone number)
- Don't use common words or patterns (password123, qwerty)
- Don't share passwords with anyone
- Don't write passwords on paper or sticky notes
- Don't use the same password across multiple accounts
- Don't save passwords in browsers on shared computers
Password Change Policy
University Requirement: Change your university account password every 90 days. Passwords must meet the following criteria:
- Minimum 12 characters
- At least one uppercase letter
- At least one lowercase letter
- At least one number
- At least one special character
- Cannot be the same as previous 5 passwords
Emergency Contacts
National Cyber Crime Helpline
Helpline: 1930
Portal: cybercrime.gov.in
Email: complaints@cybercrime.gov.in
Available 24x7 for reporting cybercrime incidents
Gujarat Cyber Crime Cell
Helpline: 079-23250382
Website: gujaratpolice.gov.in
Email: cybercrime-guj@nic.in
For reporting state-level cyber incidents
CUG IT Department
Helpdesk: +91-2764-289444
Extension: 444 (Internal)
Email: it@cug.ac.in
Hours: Monday - Friday, 10:00 AM - 5:00 PM
For technical support and security concerns
CUG Security Office
Security: +91-2764-289400
Emergency: +91-2764-289401
Email: security@cug.ac.in
Location: Main Gate, CUG Campus
Available 24x7 for campus emergencies
How to Report a Cyber Incident
- Immediate Action: Disconnect from internet, change passwords of affected accounts
- Preserve Evidence: Take screenshots, save emails, note down details
- Report to IT: Contact CUG IT Department immediately (it@cug.ac.in)
- File Complaint: Report to National Cyber Crime Portal (cybercrime.gov.in)
- Follow Up: Keep track of complaint number and follow up regularly
Social Media Safety
Safe Social Media Practices
What NOT to Share on Social Media
Protecting Your Digital Reputation
Remember: What you post online can affect your academic and professional future. Employers and institutions often check social media profiles. Maintain professionalism and think carefully before posting.