Category: Email

Phishing Email – IMPORTANT NOTICE!

UoDIT is aware of more phishing emails being received by staff at the University.

Example Email below:


Subject: IMPORTANT NOTICE!

Hello

This is to notify all Students, Staffs of  University that we are validating active accounts. Kindly confirm that your account is still in use by clicking the validation link below:

Validate Email Now

Sincerely IT Help Desk

Office of Information Technology


 

Please remain vigilant and please do not click any links in these emails and do not interact with the email if you have received it and delete from your inbox immediately.

Did you click?

  • If you have supplied your credentials or personal information, change your password immediately.
  • If the device you used when interacting with it is University-owned (i.e. a Student / Staff Desktop), please contact the IT Service Desk for advice.
  • If the device you used when interacting with it is your own (i.e. a personal device), we advise that you run an anti-malware software from a reputable source and perform a scan on your device yourself.

Educate yourself
The most common phishing attack method is by emails. These authentic-looking messages, usually called phishing scams, are designed to exploit information from the recipients; either by asking them to reply to an email message or by clicking on a link/attachment within the email.

These emails cannot corrupt your device on its own, you have to interact with it. Think:

  • When you receive an email to your University account, consider if you were expecting correspondence on that topic, from that recipient. If you weren’t, and the message is calling for you to act either by sending information, clicking on an active link, or downloading an attachment, first ask the IT Service Desk to confirm its legitimacy.
  • Never tick/check enable macros on attachments, unless you explicitly need to and trust the sender.
  • Don’t run a program if you don’t know where it has come from and you have not chosen to install it yourself
  • Do not provide your username and password, especially if you have any concern over the legitimacy of an email

Further advice can be found on the Information Security website section.

https://www.dundee.ac.uk/it/services/security/

Getting help
UoD IT staff are available 09:00-22:00 Mon-Fri and 10:00-22:00 Sat-Sun. Please log a call for assistance via Help4U if you have any concerns.

 

 

Phishing Email — De-Activation Notice

UoDIT is aware of more phishing emails being received by staff at the University.

Example Email below:

Subject: De-Activation NOTICE

Please remain vigilant and please do not click any links in these emails and do not interact with the email if you have received it and delete from your inbox immediately.

Did you click?

  • If you have supplied your credentials or personal information, change your password immediately.
  • If the device you used when interacting with it is University-owned (i.e. a Student / Staff Desktop), please contact the IT Service Desk for advice.
  • If the device you used when interacting with it is your own (i.e. a personal device), we advise that you run an anti-malware software from a reputable source and perform a scan on your device yourself.

Educate yourself
The most common phishing attack method is by emails. These authentic-looking messages, usually called phishing scams, are designed to exploit information from the recipients; either by asking them to reply to an email message or by clicking on a link/attachment within the email.

These emails cannot corrupt your device on its own, you have to interact with it. Think:

  • When you receive an email to your University account, consider if you were expecting correspondence on that topic, from that recipient. If you weren’t, and the message is calling for you to act either by sending information, clicking on an active link, or downloading an attachment, first ask the IT Service Desk to confirm its legitimacy.
  • Never tick/check enable macros on attachments, unless you explicitly need to and trust the sender.
  • Don’t run a program if you don’t know where it has come from and you have not chosen to install it yourself
  • Do not provide your username and password, especially if you have any concern over the legitimacy of an email

Further advice can be found on the Information Security website section.

https://www.dundee.ac.uk/it/services/security/

Getting help
UoD IT staff are available 09:00-22:00 Mon-Fri and 10:00-22:00 Sat-Sun. Please log a call for assistance via Help4U if you have any concerns.

 

 

Phishing Email — Payroll Notification

UoDIT is aware of more phishing emails being received by staff at the University.

 

Subject: Payroll Notification

 


To All Faculty and Staff Members,

1 New Notification Regarding Your Payroll

www.dundee.ac.uk

Best Regards,

The University of Dundee is a Scottish Registered Charity, No. SC015096

  • © University of Dundee

 

Please remain vigilant and please do not click any links in these emails and do not interact with the email if you have received it and delete from your inbox immediately.

Did you click?

  • If you have supplied your credentials or personal information, change your password immediately.
  • If the device you used when interacting with it is University-owned (i.e. a Student / Staff Desktop), please contact the IT Service Desk for advice.
  • If the device you used when interacting with it is your own (i.e. a personal device), we advise that you run an anti-malware software from a reputable source and perform a scan on your device yourself.

Educate yourself
The most common phishing attack method is by emails. These authentic-looking messages, usually called phishing scams, are designed to exploit information from the recipients; either by asking them to reply to an email message or by clicking on a link/attachment within the email.

These emails cannot corrupt your device on its own, you have to interact with it. Think:

  • When you receive an email to your University account, consider if you were expecting correspondence on that topic, from that recipient. If you weren’t, and the message is calling for you to act either by sending information, clicking on an active link, or downloading an attachment, first ask the IT Service Desk to confirm its legitimacy.
  • Never tick/check enable macros on attachments, unless you explicitly need to and trust the sender.
  • Don’t run a program if you don’t know where it has come from and you have not chosen to install it yourself
  • Do not provide your username and password, especially if you have any concern over the legitimacy of an email

Further advice can be found on the Information Security website section.

https://www.dundee.ac.uk/it/services/security/

Getting help
UoD IT staff are available 09:00-22:00 Mon-Fri and 10:00-22:00 Sat-Sun. Please log a call for assistance via Help4U if you have any concerns.

Intermittent Network Issues ( affecting Canon Printer scanning)

Good Morning,

Today UoD IT have been receiving reports of intermittent issues in relation to accessing off-campus / networked systems – e.g. affecting Canon Printers.

A UoD IT team  have been  investigating  this issue in conjunction with our 3rd party support partner and these services are now working through queues and are starting to operate as normal. We (and our 3rd Party support partner) continue to monitor these services.

Apologies for any inconvenience  – we will update you shortly …

Update @ 15: 37 on 22/12/17

Please be advised that this  issue  has now been confirmed as resolved by our Third Party partner . We have monitored  the situation for a 3 hour period and also confirm this is the case.

Apologies for any inconvenience caused

 

Mail Phishing / Spam

UoDIT is aware of more phishing emails being received by staff at the University.

 

Subject: Final Warning: Upgrade your account Mail Update!

 

Please remain vigilant and please do not click any links in these emails and do not interact with the email if you have received it and delete from your inbox immediately.

Did you click?

  • If you have supplied your credentials or personal information, change your password immediately.
  • If the device you used when interacting with it is University-owned (i.e. a Student / Staff Desktop), please contact the IT Service Desk for advice.
  • If the device you used when interacting with it is your own (i.e. a personal device), we advise that you run an anti-malware software from a reputable source and perform a scan on your device yourself.

Educate yourself
The most common phishing attack method is by emails. These authentic-looking messages, usually called phishing scams, are designed to exploit information from the recipients; either by asking them to reply to an email message or by clicking on a link/attachment within the email.

These emails cannot corrupt your device on its own, you have to interact with it. Think:

  • When you receive an email to your University account, consider if you were expecting correspondence on that topic, from that recipient. If you weren’t, and the message is calling for you to act either by sending information, clicking on an active link, or downloading an attachment, first ask the IT Service Desk to confirm its legitimacy.
  • Never tick/check enable macros on attachments, unless you explicitly need to and trust the sender.
  • Don’t run a program if you don’t know where it has come from and you have not chosen to install it yourself
  • Do not provide your username and password, especially if you have any concern over the legitimacy of an email

Further advice can be found on the Information Security website section.

Getting help
UoD IT staff are available 09:00-22:00 Mon-Fri and 10:00-22:00 Sat-Sun. Please log a call for assistance via Help4U if you have any concerns.

Phishing Email – Alert

Please be aware of a phishing email that has come to light.

Subject: UNVERIFIED SENDER:Security Alert

This phishing email is designed to try and obtain your credentials. If you have clicked on the link in the email and entered your username and password, please change your password immediately.

Further advice is available: https://www.dundee.ac.uk/it/services/email/security/

We have reported this to Microsoft to prevent further distribution

The phishing email is designed to try and obtain your credentials. If you have clicked on the link in the email and entered your username and password, please change your passwords immediately.

Further advise is available: https://www.dundee.ac.uk/it/services/email/security/

We have reported this to Microsoft to prevent further distribution

The phishing email is designed to try and obtain your credentials. If you have clicked on the link in the email and entered your username and password, please change your passwords immediately.

Further advise is available: https://www.dundee.ac.uk/it/services/email/security/

We have reported this to Microsoft to prevent further distribution

Phishing Alert – Warning Phishing email – please be vigilant

Please be aware a phishing email that has come to light.

Subject: Subject: Office 365 account cancellation confirmation

Above: example of reported phishing email

The phishing email is designed to try and obtain your credentials. If you have clicked on the link in the email and entered your username and password, please change your passwords immediately.

Further advise is available: https://www.dundee.ac.uk/it/services/email/security/

We have reported this to Microsoft to prevent further distribution

Spam Alert – Warning IMPORTANT REMINDER: Storage capacity – Spam

We are receiving notifications that several users have received the following Spam message:

Dear Client,

Your storage space for Office account: JBlog@dundee.ac.uk is almost full.

92% Used

To get additional storage space Click Here.

© 2017
Terms of use Privacy & Cookies

Please do not click – this message is Spam

Further advise is available: https://www.dundee.ac.uk/it/services/email/security/

We have reported this to Microsoft to prevent further distibution

 

Fake Invoice Emails

There are fake emails landing in the inboxes of some University Users today.  The original email looks like the following:

From: xxxxxx <sales@dundee.ac.uk>
Sent: Tuesday, September 26, 2017 10:03:58 AM
To: xxxxxx(Staff)
Subject: INVOICE

Dear Sir,

PLEAS FIND ATTACHED YOUR INVOICE AS REQUESTED.

Thank you and Kind regard’s

xxxxxxx
For Techno-Packaging.

P Please consider the environment – only print this e-mail if absolutely necessary

 

If you receive one of these emails, please do not reply to it or click any links in the body of the email – instead, please report the issue to help4u@dundee.ac.uk

Delayed Implementation: New Email Security Feature

This change was not implemented on Tue 15 Aug due to unforeseen circumstances.

The Sender Policy Framework (SPF) will instead be applied to the University’s email system on Thu 28 Sep. This best practice measure is part of an ongoing effort to help everyone stay safe and secure.

What does SPF do?
It passes your received email through an automatic ‘check’ to:

  • Verify that it comes from the University’s email system
  • Confirm that the displayed sender address matches the one found in the email header (i.e. it is not from a ‘spoofed’ account)

SPF inserts a warning message into any email that fails either/both of these checks to let you know it carries the tell-tale signs of an illegitimate message. From then on, it is up to you to make some informed decisions.


Will I notice anything different?
Potentially, yes. If any of the emails you receive fail the SPF check, they will be tagged with text (outlined below) in the subject line and the email body itself as a header to highlight this to you:

  • Subject line: ‘UNVERIFIED SENDER’
  • Email body: ‘The University e-mail system cannot verify the authenticity of this message; treat it with caution’

Does that mean it’s definitely spam?
No. The check itself is not 100% fool proof and on occasion, it may fail legitimate emails. If there are grounds for you to think this is the case, for example you were expecting an email from that person or on that subject, personally check with the sender to confirm their email is genuine before engaging with anything in it.

What is it for then?
SPF is here to enhance your ability to identify malicious emails, not to replace your important and continued role in the process of doing so. Please always consider each email you receive with care and exercise the sound thinking we’ve shared with you on many occasions before interacting with any links, attachments or calls to action they contain, as we know you already endeavour to do.

What should I do if I receive an email with the warning message?

  • Follow the advice given above and be cautious with it until you are confident it is legitimate. If you cannot confirm this yourself, please contact IT via Help4U so we can investigate on your behalf.
  • Follow the instructions below in the event the email is suspicious and we will apply appropriate technical measures to prevent that sender entering anything into your email system again.

How do I report a suspicious email?
Send (do not forward) it to us as an attachment using the instructions on this webpage.

Why are we doing this?
Every day brings with it more headlines about accounts being hacked, ransomware attacks making their way around the world and systems being compromised. The University takes security seriously and SPF is a small factor we can introduce that will help you contribute to keeping your place of work or study as cyber safe as it can be.

We apologise for any inconvenience caused by this delay, particularly to anyone who has received suspicious emails in the interim.

If you have any questions or concerns about this change, please contact us via Help4U (ref C1707-023).