Students Staff

Information security

October 17, 2018

A series of phishing emails targeting Essex accounts

Filed under: Computers, Email, Information security, Security, [Service Alert] — Trevor Smith @ 12:43 pm

A new round of phishing attacks have hit many of our mailboxes over the last 24hrs. The goal of these messages is to dupe our staff and students into providing their login credentials.

We would like to remind all staff and students once again to be aware of the dangers of clicking links within email messages, the source of which you are unsure of. In particular, messages which ask you to login and provide your username and password (or indeed any other personal information) should be treated with caution. More information on how to identify and report such messages can be found at the url below:

http://answers.essex.ac.uk/help/spot-a-phishing-email

The University of Essex will moderate comments and there will be a delay before any posts appear.

July 24, 2018

A fresh round of phishing emails

Filed under: Email, Information security — Trevor Smith @ 10:19 am

A new phishing attempt has hit many of our mailboxes over the last 24hrs and IT Services have managed to halt the activities of one compromised account which was responsible for sending out around 9,500 emails (we prevented more than 7,000 of these from being read). The authors of this phishing email were once again attempting to dupe our staff and students into providing their login credentials.

We would like to remind staff and students once again to be aware of the dangers of clicking links within email messages, the source of which you are unsure of. In particular, messages which ask you to login and provide your username and password (or indeed any other personal information) should be treated with caution. More information on how to identify and report such messages can be found at the url below:

http://answers.essex.ac.uk/help/spot-a-phishing-email

The University of Essex will moderate comments and there will be a delay before any posts appear.

March 9, 2018

5 tips for sharing information safely

Filed under: Information security — Dan Jolly @ 2:24 pm

720x200-graphic

Many of us have to share information with others on a daily basis to be able to do our job.

However, if you’re careless, information could fall into the wrong hands and this can have serious repercussions for the University. We might get bad publicity or even have to pay large fines.

If you have to share information with others, you have a responsibility to take care when doing so.

1. Before you send that email. Stop. Check.

Always double check all the recipients to make sure you’re sending it to the right person.

2. Share links to documents, not attachments

Avoid sending attachments or inserting information directly into emails. Instead, save the information in a document and put it somewhere secure that people can access. Then all you need to do is email a link to it or just tell people where it is.

3. Only share what you need to share

For example, if you need to send a list of student names to a colleague but the names are in a spreadsheet with lots of other information, just copy the names to a new sheet and send that, not the whole spreadsheet.

4. Encrypt documents with a password

In Office and Adobe Acrobat, you can easily encrypt files with a password. This stops people who don’t know the password from being able to open the document. Don’t email the password though, share it in person or over the phone. Use a strong password and keep it in a safe place because if you forget the password it can’t be recovered.

5. Use contact groups

If you regularly email the same group of people, create a contact group for them. When you need to send to the group you only have to enter the group name. This saves time and reduces the risk of getting the names wrong.

Report an incident

If you accidentally share information with someone who shouldn’t have seen it then you must report it to infoman@essex.ac.uk

The University of Essex will moderate comments and there will be a delay before any posts appear.