Security Awareness

The Office of Information Security (OIS) in the Office of Technology Services (OTS) provides Cybersecurity Awareness resources for Towson University.

Tax-Filing Season is here, and so are the scams

Tax filing officially began on January 29, bringing an increase in online and phone scams that attempt to steal tax refunds, bank account information or your identity. Be sure to address all potential phishing emails or suspicious phone calls–especially tax-related ones–with caution. 

OIS provides tax-time tips below, but to see more advice and access tax-related resources from the Internal Revenue Service (IRS), read the T3 article. 

Protect yourself this tax season

  • Complete your taxes as early as possible. Filing early minimizes the chance of scammers impersonating you, filing your taxes, and stealing your refund.
  • Do not respond to emails appearing to be from the IRS. The IRS does not initiate taxpayer communications through email or social media. If you receive an unsolicited email in your TU email account claiming to be from the IRS, forward it to .
  • Do not respond to unsolicited emails and do not provide sensitive information via email. If the email appears to be from the TU Payroll Office, contact the office directly using the phone number from the University Online Directory– don’t call numbers provided in the questionable email. Do not open any attachments or click on links contained in unsolicited or suspicious emails.
  • Do not provide financial or personal information to unsolicited callers or telemarketers. Politely end the call, then block the number. For added security, you can also register your personal number on the National Do Not Call Registry.
  • Secure your computer with recent system and application updates. Anti-virus and anti-spyware software should be installed, running and receiving automatic updates. Use a strong and different password for each account.

National Cybersecurity Awareness Month

Every October, TU's Office of Information Security in the Office of Technology Services joins the U.S. Department of Homeland Security and the National Cybersecurity Alliance to celebrate and promote National Cybersecurity Awareness Month (NCSAM). This month long awareness program is a collaborative effort between government and industry to ensure that every American has the security resources they need to be safe online. 


Highlights from events include: 

  • Speaker Matt Olney, Manager at Cisco Talos, gave a special presentation on the how individuals and small organizations can have a global impact on security.
  • Speaker Daniel Gray, FBI Supervisory Special Agent: The Cyber Security Insider Threat-recognizing and combating cybercrime

  • Presenter James Crumpler '16, NSA employee performed computer security demonstrations

  • TU Professor Michael O’Leary, Ph.D. & the TU Computer Science students performed a live hack

Information Security Awareness Training at Towson

Faculty, staff and students are our first line of defense against insider and outsider threats. Collectively forming our shield protects the University from malicious or unlawful use of our resources by external sources.

Faculty, staff and student workers have access to online training from the highly regarded SANS Securing the Human training series. To activate your department's security training, contact OIS at   

What Is SANS Securing the Human?

SANS Securing the Human is a division of the SANS Institute that provides a security awareness solution to manage human cyber security risk.  

What SANS Training does Towson have available?

Information Security General Awareness Training: This course provides faculty, staff, and student workers with an introduction to the awareness program. Modules include: You are the Shield, Passwords, Encryption, Data Security and Data Destruction, Social Engineering, Email & Messaging, Working Remotely, Social Networking, Mobile Device Security and Hacked.

Prerequisite: none

OIS General Awareness Training: This course is Information Security PCI Compliance Training. In the normal course of business, some University units store, transmit, or process cardholder data. This requires them to follow the Payment Card Industry Data Security Standards (PCI-DSS). This module defines cardholder data and teaches the required steps for protecting and safely handling it.

Prerequisite: Information Security General Awareness Training 



Security lingo can be confusing. SANS provides a list of common security terms with basic definitions.

Get the latest Cybersecurity info directly from SANS: read the OUCH! Monthly Newsletter and watch a new Awareness Video every month.

Password Security

Cyber criminals have developed sophisticated programs to guess your passwords. To protect yourself, it is important to create a strong password that cannot be easily hacked. Refer to the password guidelines when creating a Towson University NetID or other online password.


Learn how to recognize phishing, which is a cybercrime targeting your email. Forward suspicious emails received in your Towson University email inbox to

Security Checks

To learn about how to do your own security check up, visit Stay Safe Online for free security check-ups and tools.  Are you putting Towson University at risk? Take the quiz.