The December holiday period, when online retail activity peaks, is a particularly rewarding time of year for cyber criminals. You can help protect yourself – and the University – by being alert to the dangers and thinking carefully before you respond to anything if you’re not absolutely sure of the provenance.
Some attempts are easy to spot. Emails with misspellings, bad grammar and too-good-to-be-true offers (discovered inheritances, hugely discounted desirable goods, commission for banking money for a deposed foreign dignitary) may not catch out those used to working and socialising online. However, attacks are becoming more professional and targeted. There has been a dramatic rise in cases of CEO fraud (also known as whaling attack) where an employee is tricked into making a payment via an email or phone call purporting to be from a senior manager. Advances in technology and a digitally-networked community mean it is relatively easy for hackers to harvest people’s contacts. Email addresses closely resembling those of the individual being impersonated are simple to set up and company identities can be mimicked convincingly. We must all be on our guard.
Our IT help pages provide guidance on dealing with suspicious emails and our IT security blog will post regular updates about the various approaches criminals might use to trick you or people you know into parting with confidential information, sensitive data or money. If you need to advise students about staying safe online, you can point them to the information on shuspace or tell them to check out the government–backed www.getsafeonline.org website.
Starting this month, Digital Technology Services will be stepping up its drive to help staff protect themselves and the University’s data and IT services. This programme of work will include a more obvious presence on the home page of the staff intranet for reminders about cyber security; messages on the lock screen of staff PCs; and occasional pop-ups, slide shows and videos. It’s critical that, as an organisation, we stay educated about online safety as the world of cyber crime continues to develop apace.