Criminals don’t care if you're just trying to get through freshman year or you’re writing your thesis or if you have a major case of senioritis. If you’re online, you’re a target. 

Whether you’re sharing streaming service passwords with your dormmates (don't do that) or submitting assignments at 2 a.m., you can be a cybersecure student by adopting a few behaviors.

1. Don’t sleep on your school email 

Your .edu email address serves as a gateway to more than just student discounts; it also provides access to your school accounts, financial aid, and personal data. Hackers know this. That’s why phishing emails are often designed to look like official messages from your university. 

• Don’t click on suspicious links or download unexpected attachments. 

• Double-check the sender's address. A real school email won’t come from studenthelpdesk123@gmail.com. 

• If in doubt, go directly to the source -- visit your school’s official website or contact IT. 

• Most universities have heavy-duty spam and phishing email filters, but scammers can occasionally get through – be highly cautious of any message demanding you take quick action.  

2. Use strong, unique passwords – and try out a password manager! 

We get it. Remembering a dozen passwords is annoying. But reusing the same one for your school account, Netflix, and your bank app? That’s an open invitation to cybercriminals. Today, each password needs to be at least 16 characters long, a random mix of characters, and unique to the account. How the heck do you remember all these long, strong passwords? A password manager is the best option.  

• Use a password manager to keep track of everything – your university might have one you can download, or there are many high-quality free options. Learn more about password managers here. 

• Don’t make passwords obvious with info like your birthday, pet’s name, or “1234.” 

• Passwords that are 16 characters or longer take billions of years for hackers to crack! 

 3. Turn on multifactor authentication (MFA)

Multifactor authentication (sometimes called two-factor authentication, 2FA, or two-step authentication) adds an extra layer of security, like a door bolt for your accounts. When MFA is on, you’ll log in with your password and a second step, like logging into a special app on your phone. It’s one of the easiest ways to stop hackers, even if they guess your password.

• See if your college has a suggested MFA option for your academic accounts and student portal.  

• Turn on MFA for all your accounts, but especially banking, email, and social media apps.

• Never share a MFA code or approve an MFA app request you didn't make – even if someone "official" calls, emails, or texts you!  

4. Watch for scams through texts, DMs, and everywhere! 

It’s not just email – phishing can happen through text messages, Instagram DMs, or even fake job postings on LinkedIn. 

Scammers often pose as student organizations, professors, or even campus security. They want to trick you into clicking a link, sharing personal info, or downloading malware. 

• Look for any unexpected message with a sense of urgency, like "Act now or lose access!" 

• Delete any request for money, gift cards, bank account info, or cryptocurrency. 

• Official organizations, like universities, student loan servicers, or the government, won't text or DM you about setting up payments.  

• Never scan QR codes without any context or in a public place – it's always a better idea to go directly to a URL or find a website through Google than to use unfamiliar QR codes.

5. Keep your devices updated 

Clicking “Remind me later” on software updates is a reflex for a lot of us. But those updates often fix serious security flaws. The longer you wait, the more vulnerable your laptop or phone becomes. 

• Set up automatic updates so you get the latest security patches.  

• Regularly shut down and restart your laptops, phones, and tablets – once a week is good.

 6. Back up your stuff 

Imagine losing your laptop the night before finals, which means you also lose all your class notes, papers, and that group project no one else worked on. Many college students have dealt with losing critical documents, and the only way to protect yourself is to back it up.  

Whether it’s due to theft, a spill, ransomware, or your hard drive breaking, data loss happens. Backing up your files ensures you won’t lose everything if disaster strikes. 

• Use cloud services like Google Drive, Microsoft OneDrive, or Apple iCloud – there's probably a cloud service already installed on your laptop you can use. 

• Keep a physical backup like an external hard drive for extra peace of mind. 

• Once every semester, double-check that your backups are actually working and, you know, backing up your stuff.

7. Lock your laptop and phone 

This one’s simple, but essential. When you walk away from your device, even for a quick bathroom break, lock it. You don’t want a stranger (or goofy roommate) accessing your stuff.

• Use a PIN, password, facial recognition, or fingerprint scan for superior protection.

• In your device's settings, use Find My Device for Apple or Android products so you can remotely wipe the data off if it is stolen or lost – but hopefully it'll never leave your side!

• DON'T share device PINs and passwords with roommates or friends – if you want to show them a funny video or need their help proofreading an email to a professor, do it together.

8. Clean up your digital footprint 

College is a time to explore, try new things...and you might overshare a little (or a lot) online. But what you post now could follow you long after graduation. You don’t have to go full digital hermit, but share with care.  

• Review your privacy settings on social media. Change it to an audience that makes you comfortable. 

• Google yourself and see what comes up. 

• Remove old accounts you no longer use.

9. Know where to get help 

Most colleges have IT support services or a help desk. In life, you might not always have access to a computer expert, so take advantage! If you think you’ve been hacked, clicked on a shady link, or feel unsure, don’t be embarrassed. Ask for help. 

• You can often get computer or other technology help from your school's IT department. Even if you get a "Blue Screen of Death," they can help you more than random Google searches can.  

• You can report phishing or other suspicious online activity – and your school's cybersecurity team will be happy you did. 

• If you are having problems or are confused by academic software, ask for help! Your school's IT department wants to help you. 

10. Be intelligent about AI use 

Generative artificial intelligence (AI) programs like ChatGPT are changing the nature of education. And, if we're being honest, we're all probably using it a bit too much, even professors! While different universities, departments, and faculty have differing approaches to AI, always check the guidelines. You are at college to learn critical thinking – if you let the computer think for you, you're robbing yourself.  

• Ask your professors what they're AI policies are.  

• If permitted, use AI for outlining and brainstorming help, but don't copy/paste your papers from ChatGPT or Grok – writing papers is a skill, and, annoying as it may be, you should focus on learning these skills through practice! 

• Don't share sensitive data with AI because the platforms might use it for their training data and share it with someone else. Treat AI programs like social media – share with care!

Study safe online! 

College is all about learning, but you don't need to learn a cybersecurity lesson the hard way. By embracing a few smart cybersecurity habits now, you can protect your identity, your finances, and your future. So study hard, have fun, and don’t let hackers crash your college experience. And if you want more online safety tips, sign up for our free email newsletter!