Learn how 糖心vlog直播平台 fights spam, how to prevent email viruses, and how to report electronic abuse.
You must be enrolled in Google 2-Step Verification in order to access 糖心vlog直播平台 Google services (Mail, Drive, Calendar).听Failure to enroll will result in loss of access to your 糖心vlog直播平台听Google account (Mail, Drive, etc.). To unlock your account you will听need to contact the 糖心vlog直播平台 Help Center.
Google 2-Step Verification (also known as two-factor authentication) adds an extra layer of security to your account in case your password is stolen.
- Download the Gmail app on your mobile device (optional but highly recommended): | . Even if you prefer to use a different email app on a daily basis, adding the Gmail app will help simplify 2-step verification. After downloading it, configure Gmail for your 糖心vlog直播平台 account.
- Enroll in 2-Step:听Go to the and follow the prompts. Set up the Google Prompt option (via the Gmail or the Google [Search] app on your device).
- Configure at least one other backup option.
Tip: In case you don鈥檛 have access to your phone, it is a good idea to set up backup codes. Then print the codes & put them in your wallet.
Once you鈥檝e enabled 2-Step, when you access your 糖心vlog直播平台 Google account (Gmail, Drive, Calendar, etc.) from a new device, it will require both your login information and a secondary verification.
听
Frequently Asked Questions
2-Step Verification (also known as two-factor authentication, multi-factor authentication [MFA], or 2FA) adds a second layer of protection to the login process. 2-Step Verification combines something you know (your password) with something you have (a phone or code). You most likely already have experience using 2-Step Verification with Eagle VPN or with an online bank account.
Google 2-Step adds extra security, and helps safeguard you from phishing scams and ransomware. This additional protection aligns with best practices in account security, and is a new compliance requirement for 糖心vlog直播平台鈥檚 cyber insurance coverage.
ITS recommends you use the Google Prompt option (via the Gmail or the Google [Search] app on your device), and configure at least one other backup option.
In case you don鈥檛 have access to your phone, it is also a good idea to set up backup codes. Then print the codes & put them in your wallet.
In general, you will need to use 2-Step the first time you access your Google account using a new device. Once you log into your 糖心vlog直播平台 Google account (Gmail, Drive, Calendar, etc.) and complete 2-Step Verification on your phone or computer you will have the option to 鈥渞emember this device.鈥 After that, Google will not prompt you for 2-Step Verification on that device unless you change your password or if Google suspects that your account has been breached.
No, it does not. Google 2-Step Verification is different from 糖心vlog直播平台 2-Step Verification:
- 糖心vlog直播平台 2-Step Verification uses Duo to verify your identity and login to secure 糖心vlog直播平台 services such as Eagle VPN, MyBill, PeopleSoft HR, and Peoplesoft Financials. For more information about 糖心vlog直播平台 2-Step Verification, visit bc.edu/2step.
- Google 2-Step Verification adds an extra layer of security to your 糖心vlog直播平台 Google account. You must set up Google 2-Step Verification separately from 糖心vlog直播平台 2-Step Verification.
If you don't have a mobile device, you have a few options for 2-Step set up:
- Use a land line phone to receive a voice call.
- Set up backup codes.
- Use an authenticator app on a web browser.
Before enabling 2-Step within your Google account, make sure you are running the latest version of your email client that supports a special protocol called 鈥淥Auth2.鈥
Apple Mail
You need to be using macOS Catalina (v. 10.15.4) or higher听to do Google 2-Step in Apple Mail.
Outlook
You need to be using Office 2019 or higher to do Google 2-Step. The version of Outlook that comes with Office 2016 does not support OAuth2.
Thunderbird
Step 1: Make sure you are running the latest version of Thunderbird:
- Select 鈥淗elp鈥 -> 鈥淎bout Thunderbird.鈥 If an update is available, install it.
Step 2: Make sure you are using 鈥淥Auth2鈥 for inbound and outbound mail settings:
- From the top right menu, select the 3 vertical bars and select Account Settings.
- On the left, select Server Settings and on the right make sure the 鈥淎uthentication method鈥 is set to: OAuth2
- On the right, select 鈥淥utgoing Server (SMTP)鈥:
- Edit the outbound email server name to: smtp.gmail.com
- Make sure the 鈥淎uthentication method鈥 is set to: OAuth2 - Close Thunderbird and then restart it.听
- The first time you send or receive email, you will be prompted to log into your Google account. When prompted, allow Thunderbird access to your account.
Yes, but only as an authenticator app to get a passcode for 2-Step. Duo will not send push notifications like it does for VPN or Peoplesoft. To get push notifications, you need to install the Gmail app or the Google (Search) app.
Using Duo Mobile as Your Authenticator App
To set up Duo Mobile app for your authenticator app:
- Follow using an authenticator app. Ignore any mentions of Google Authenticator or other mobile applications 鈥 you'll be using Duo Mobile instead.
- Follow the "Third-Party Account Setup" instructions on the . Important: When the barcode appears, open your Duo Mobile app. DO NOT DOWNLOAD Google's Authenticator app (as instructed on the screen).
To use Duo Mobile app as your authenticator app:
- When prompted to validate on Google, you will be instructed to use the Google Authenticator app. Instead, use the Duo Mobile app to get the passcode.
In case you don鈥檛 have access to your phone, it is a good idea to set up backup codes. Then print the codes & put them in your wallet.
If you don't have access to any of your enrolled secondary devices or backup codes, contact the 糖心vlog直播平台 Help Center at 617-552-HELP (4357) for assistance.
Be sure to install the Gmail app, so you can receive Google prompts on your phone when you are connected to a secure wireless network.
In case you don鈥檛 have access to your phone, it is a good idea to set up backup codes. Then print the codes & put them in your wallet.
If you don't have access to any of your enrolled secondary devices or backup codes, contact the 糖心vlog直播平台 Help Center at 617-552-HELP (4357) for assistance.
Please do not share your login credentials with another person. Instead, .
You may have set up your 糖心vlog直播平台 Google account on your iPhone as a Microsoft Exchange account. You can resolve this problem by removing the account and re-adding it as a Google account by following these steps below:
- Remove the Microsoft Exchange Account:
- Go to Settings听>听Mail听> Accounts, then select your 糖心vlog直播平台 Google account and click Delete Account.
- Re-Add it as a Google Account:
- Go to听Settings > Mail听> Accounts听> Add Account, select Google
- At the Google sign-in page, enter your 糖心vlog直播平台username@bc.edu, then tap听Next.
- Enter your Secondary Password, then tap听Next.
- Toggle the settings you want to add to the phone (calendar, contacts, etc), then tap听Save.
听
If the app doesn鈥檛 offer 鈥淪ign in with Google,鈥 you can either:
- Switch to a more secure app or device听
- Use App Passwords
When you use Google 2-Step Verification, some less secure apps or devices may be blocked from accessing your Google Account. App Passwords are a way to let the blocked app or device access your Google Account.
Please make sure you are enrolled for your 糖心vlog直播平台 Google Account and not a personal account. To see if Google 2-Step is enabled, be sure you are viewing your 糖心vlog直播平台 Google account, and visit:
If you do not turn on 2-Step, forwarding will continue to work, but you won鈥檛 be able to log into your 糖心vlog直播平台 Google account. To access your account, you will need to contact your TC, the Help Center, or go to the Walk-In Help Desk.
New students, faculty & staff: You have 1 week to set up Google 2-Step Verification after you first login to your 糖心vlog直播平台 Google account. If you do not set up Google 2-Step within this time, you will get the message below when attempting to sign into your 糖心vlog直播平台 Google account. To access your account, you will need to contact your TC, the Help Center, or go to the Walk-In Help Desk.
听
Shared Google Account FAQ
- Only one person (the 鈥渙wner鈥) should have the password for an account and that person is responsible for that account.
- The 鈥渙wner鈥 of the shared account should set up Google 2-Step verification with multiple verification methods (and at least include a department phone).
- All other people accessing the shared account need to be set up as delegates. Learn . (video by Google).
Security Note: Sharing passwords with others is not secure. If Google detects multiple logins from different devices at the same time, it will assume the account is compromised and suspend it. Please give anyone who needs access to the account delegate access.
More Email Security
Phishing, Spam & Viruses
Phishing occurs when a person attempts to steal personal information or install malicious software on your computer with the intention of stealing money or personal information from you. Cybercriminals can do this in a number of ways, all of which require some action on your part. They might email you, call you on the phone, post a link on your Facebook wall, or convince you to download something off a website. The best way to protect against phishing scams is to know the signs.
Think You've Been Compromised?
Report a Security Incident
If you think you鈥檝e been the victim of a phishing email, email听security@bc.edu听to report it. A member of the IT Security team will follow-up with you.
Protect Your Account
- Change your 糖心vlog直播平台 Password and 糖心vlog直播平台 Gmail Passwords.听Phishing emails often target your credentials so they can access your email account, or your 糖心vlog直播平台 account, and gain access to your private data. Change your passwords, and take away their access.
- Change other passwords. If you use your 糖心vlog直播平台 passwords on any other accounts, change those passwords as well.
- Log out of all other Gmail Sessions. If a bad guy got a hold of your 糖心vlog直播平台 Gmail login, they may be logged into your account. Kick them out! In the bottom right corner of Gmail, click Details and then Sign out all other web sessions.
- Check your Sent Mail folder.听Bad guys often use compromised email accounts to send malicious messages to others in your contacts. If you see emails were sent from your account which you did not send, this would confirm your account has been compromised, and will let you know who has received an email from your account.
- Check your mail forwarding settings.听Bad guys often enable mail forwarding, so messages sent to your email will be forwarded to an account of their preference. Disable unwanted email forwarding by going to Settings > Forwarding and POP/IMAP > Disable forwarding > Save.
- Check your Google email settings and remove any suspicious accounts.听Go to Settings > Accounts > Send Mail As.
- Report the email as phishing in Gmail. Learn .
- Scan your computer for malware or viruses.
Spam email has rapidly become a critical problem for all email service providers, both public and private. Boston College ITS has implemented policies and technologies to protect the 糖心vlog直播平台 email system.
How 糖心vlog直播平台 Fights Spam
- 糖心vlog直播平台 Gmail blocks and quarantines messages it identifies as spam. When you use 糖心vlog直播平台 Gmail on the web, or with the official Gmail app, Google uses machine learning to analyze messages marked as spam to help protect other 糖心vlog直播平台 users from similar spam and abuse.
- 糖心vlog直播平台 email users are required to enter their password to send email.听This prevents computer viruses from sending large amounts of spam email from affected computers.
- 糖心vlog直播平台 continuously evaluates new technologies to leverage against spam.
Spam Reduction Tips
- Keep your operating system and antivirus software up-to-date.
- When you receive unwanted email, do not reply to it, click links in it, or click 鈥淩emove me" links unless you can verify their authenticity. If you know the sender to be legitimate, proceed to the sender's website, which should contain the option to unsubscribe from the mailing list. Even if an email containing links appears to be from someone you know, verify the legitimacy of any links with the sender.
- Use caution when disclosing your email address. The more locations your email is recorded, the more likely you are to receive spam. Read the fine print, especially privacy policies, when signing up for online services. Consider establishing a second free email account with Google, Hotmail, or similar provider, and using that second address for your online shopping and commercial needs.
- Be skeptical. Educate yourself. Spammers go to great lengths to get their messages through and often try to deceive you. Be skeptical and be careful.
听
Steps to Protect Yourself
- Do not download or open any unknown files that are attached to an email; they could be viruses. If you are unsure, err on the side of caution, and do not open the attached files.听Important: If you must download an attached file听to an email, make sure to save it and听scan it for viruses before you open听it.
- Remember to keep your virus protection updated by setting antivirus software to auto-update. Also, be careful not to "cancel" out of auto-update if it tries to run when you are using your computer. Note: All 糖心vlog直播平台-owned computers have virus protection software set to auto-update.
- Turn off macros in Microsoft Word, Excel, and Powerpoint. There is a widespread set of viruses known as macro viruses. These are viruses designed to run when you open a Microsoft Office product such as Word. If macros are turned off, it is unlikely that a virus will be able to launch itself and do harm to your computer.
Reporting an Email Virus
If you get a virus from an infected file:
- Inform the person you originally got the infected file from.
- Inform people who have access to the file on the network.
- Inform anyone that you emailed the infected file to.
Please do听not听send a warning to everyone you know. ITS can propagate such messages in an efficient manner, and these sorts of warnings can cause other problems.
Electronic Abuse
While Boston College strives to provide an open computing environment to foster collaboration and learning, there are policies defining appropriate use of the 糖心vlog直播平台 network and computing resources, such as email. Before reporting electronic abuse, make sure you are familiar with听糖心vlog直播平台's computing policies and guidelines.
Examples of Electronic Abuse and Appropriate Action to Take
- Your system/server has been or is being attacked: Report the abuse immediately and do not make any changes to the system until you hear from the ITS security team on campus. You may accidentally remove vital information that can be used as evidence.
- You received offensive or threatening email or voicemail: Do not delete the offensive message as it can be used as evidence.
- You suspect someone knows or is using your 糖心vlog直播平台 password: Report the compromise immediately with any substantiating evidence. Change your password immediately.
- You are aware of software copyright violations at Boston College.
Report Electronic Abuse
Send an email to abuse@bc.edu听describing the electronic abuse. You must show the full message headers of any email message that you are forwarding. Do not delete the email from your inbox until you have heard back from us.
Encrypted Email with Virtru
If you need to send confidential emails as part of your job, you may want to consider requesting Virtru. Virtru is an email security tool that allows you to:
- encrypt emails
- prevent a forwarded encrypted email from being read
- set a read expiration date on encrypted messages听
- and revoke the ability to read an email after it is sent
听
Getting Started with Virtru
If you think you may need this service, contact your Technology Consultant. Once approved, install Virtru for Gmail or Outlook. 听
Email recipients do not need to install Virtru to read or respond to your email. Recipients of an encrypted email will not be able to access the message directly from their inbox. Rather, they will be prompted to "unlock" the message, and verify their email address.
ITS recommends you inform your recipients to expect an encrypted email, since they will be prompted to take extra steps to unlock the message. The best way to do this is to add a customized intro to your message.听Be sure to include information that only your recipient would know, or write it in such a way that they know it's really you.
Partially.听You can install the Chrome plug-in, which will allow you to decrypt and respond to any Virtru messages sent to you. However, you will not be able to initiate a Virtru encrypted email.
Phishing Simulation
Boston College implemented a Phishing Simulation program to increase awareness and education related to phishing emails, therefore decreasing the risk of exposure of University data.听Phishing simulation is ongoing for all students and for select faculty and staff, by department request.
Why is 糖心vlog直播平台 Doing This?
Colleges and universities continue to report increased phishing incidents in which bad actors try to trick people into clicking on malicious links in an effort to steal passwords, access personal or University data, and in some cases encrypt data and demand money for the data to be unencrypted.
Sample Phishing Simulation Educational Web Page
If you mistakenly click on a phishing simulation email link or attachment, you will be taken to a web page that听explains which characteristics of the email were clues of a typical scam.
Sample Phishing Simulation Email
