Category: Security

Phishing Email – IMPORTANT NOTICE!

UoDIT is aware of more phishing emails being received by staff at the University.

Example Email below:


Subject: IMPORTANT NOTICE!

Hello

This is to notify all Students, Staffs of  University that we are validating active accounts. Kindly confirm that your account is still in use by clicking the validation link below:

Validate Email Now

Sincerely IT Help Desk

Office of Information Technology


 

Please remain vigilant and please do not click any links in these emails and do not interact with the email if you have received it and delete from your inbox immediately.

Did you click?

  • If you have supplied your credentials or personal information, change your password immediately.
  • If the device you used when interacting with it is University-owned (i.e. a Student / Staff Desktop), please contact the IT Service Desk for advice.
  • If the device you used when interacting with it is your own (i.e. a personal device), we advise that you run an anti-malware software from a reputable source and perform a scan on your device yourself.

Educate yourself
The most common phishing attack method is by emails. These authentic-looking messages, usually called phishing scams, are designed to exploit information from the recipients; either by asking them to reply to an email message or by clicking on a link/attachment within the email.

These emails cannot corrupt your device on its own, you have to interact with it. Think:

  • When you receive an email to your University account, consider if you were expecting correspondence on that topic, from that recipient. If you weren’t, and the message is calling for you to act either by sending information, clicking on an active link, or downloading an attachment, first ask the IT Service Desk to confirm its legitimacy.
  • Never tick/check enable macros on attachments, unless you explicitly need to and trust the sender.
  • Don’t run a program if you don’t know where it has come from and you have not chosen to install it yourself
  • Do not provide your username and password, especially if you have any concern over the legitimacy of an email

Further advice can be found on the Information Security website section.

https://www.dundee.ac.uk/it/services/security/

Getting help
UoD IT staff are available 09:00-22:00 Mon-Fri and 10:00-22:00 Sat-Sun. Please log a call for assistance via Help4U if you have any concerns.

 

 

Phishing Email — De-Activation Notice

UoDIT is aware of more phishing emails being received by staff at the University.

Example Email below:

Subject: De-Activation NOTICE

Please remain vigilant and please do not click any links in these emails and do not interact with the email if you have received it and delete from your inbox immediately.

Did you click?

  • If you have supplied your credentials or personal information, change your password immediately.
  • If the device you used when interacting with it is University-owned (i.e. a Student / Staff Desktop), please contact the IT Service Desk for advice.
  • If the device you used when interacting with it is your own (i.e. a personal device), we advise that you run an anti-malware software from a reputable source and perform a scan on your device yourself.

Educate yourself
The most common phishing attack method is by emails. These authentic-looking messages, usually called phishing scams, are designed to exploit information from the recipients; either by asking them to reply to an email message or by clicking on a link/attachment within the email.

These emails cannot corrupt your device on its own, you have to interact with it. Think:

  • When you receive an email to your University account, consider if you were expecting correspondence on that topic, from that recipient. If you weren’t, and the message is calling for you to act either by sending information, clicking on an active link, or downloading an attachment, first ask the IT Service Desk to confirm its legitimacy.
  • Never tick/check enable macros on attachments, unless you explicitly need to and trust the sender.
  • Don’t run a program if you don’t know where it has come from and you have not chosen to install it yourself
  • Do not provide your username and password, especially if you have any concern over the legitimacy of an email

Further advice can be found on the Information Security website section.

https://www.dundee.ac.uk/it/services/security/

Getting help
UoD IT staff are available 09:00-22:00 Mon-Fri and 10:00-22:00 Sat-Sun. Please log a call for assistance via Help4U if you have any concerns.

 

 

Phishing Email — Payroll Notification

UoDIT is aware of more phishing emails being received by staff at the University.

 

Subject: Payroll Notification

 


To All Faculty and Staff Members,

1 New Notification Regarding Your Payroll

www.dundee.ac.uk

Best Regards,

The University of Dundee is a Scottish Registered Charity, No. SC015096

  • © University of Dundee

 

Please remain vigilant and please do not click any links in these emails and do not interact with the email if you have received it and delete from your inbox immediately.

Did you click?

  • If you have supplied your credentials or personal information, change your password immediately.
  • If the device you used when interacting with it is University-owned (i.e. a Student / Staff Desktop), please contact the IT Service Desk for advice.
  • If the device you used when interacting with it is your own (i.e. a personal device), we advise that you run an anti-malware software from a reputable source and perform a scan on your device yourself.

Educate yourself
The most common phishing attack method is by emails. These authentic-looking messages, usually called phishing scams, are designed to exploit information from the recipients; either by asking them to reply to an email message or by clicking on a link/attachment within the email.

These emails cannot corrupt your device on its own, you have to interact with it. Think:

  • When you receive an email to your University account, consider if you were expecting correspondence on that topic, from that recipient. If you weren’t, and the message is calling for you to act either by sending information, clicking on an active link, or downloading an attachment, first ask the IT Service Desk to confirm its legitimacy.
  • Never tick/check enable macros on attachments, unless you explicitly need to and trust the sender.
  • Don’t run a program if you don’t know where it has come from and you have not chosen to install it yourself
  • Do not provide your username and password, especially if you have any concern over the legitimacy of an email

Further advice can be found on the Information Security website section.

https://www.dundee.ac.uk/it/services/security/

Getting help
UoD IT staff are available 09:00-22:00 Mon-Fri and 10:00-22:00 Sat-Sun. Please log a call for assistance via Help4U if you have any concerns.

Mail Phishing / Spam

UoDIT is aware of more phishing emails being received by staff at the University.

 

Subject: Final Warning: Upgrade your account Mail Update!

 

Please remain vigilant and please do not click any links in these emails and do not interact with the email if you have received it and delete from your inbox immediately.

Did you click?

  • If you have supplied your credentials or personal information, change your password immediately.
  • If the device you used when interacting with it is University-owned (i.e. a Student / Staff Desktop), please contact the IT Service Desk for advice.
  • If the device you used when interacting with it is your own (i.e. a personal device), we advise that you run an anti-malware software from a reputable source and perform a scan on your device yourself.

Educate yourself
The most common phishing attack method is by emails. These authentic-looking messages, usually called phishing scams, are designed to exploit information from the recipients; either by asking them to reply to an email message or by clicking on a link/attachment within the email.

These emails cannot corrupt your device on its own, you have to interact with it. Think:

  • When you receive an email to your University account, consider if you were expecting correspondence on that topic, from that recipient. If you weren’t, and the message is calling for you to act either by sending information, clicking on an active link, or downloading an attachment, first ask the IT Service Desk to confirm its legitimacy.
  • Never tick/check enable macros on attachments, unless you explicitly need to and trust the sender.
  • Don’t run a program if you don’t know where it has come from and you have not chosen to install it yourself
  • Do not provide your username and password, especially if you have any concern over the legitimacy of an email

Further advice can be found on the Information Security website section.

Getting help
UoD IT staff are available 09:00-22:00 Mon-Fri and 10:00-22:00 Sat-Sun. Please log a call for assistance via Help4U if you have any concerns.

Spam/Phishing Alert | Be Vigilant

Please be aware of more fraudulent emails being sent to University email accounts. Phishing emails are designed to try and obtain your credentials or insert malware onto your computer.

Screenshot of latest phishing attempt given below:

Do not interact with the email if you have received it and delete from your inbox immediately.

Did you click?

  • If you have supplied your credentials or personal information, change your password immediately.
  • If the device you used when interacting with it is University-owned (i.e. a Student / Staff Desktop), please contact the IT Service Desk for advice.
  • If the device you used when interacting with it is your own (i.e. a personal device), we advise that you run an anti-malware software from a reputable source and perform a scan on your device yourself.

Educate yourself
The most common phishing attack method is by emails. These authentic-looking messages, usually called phishing scams, are designed to exploit information from the recipients; either by asking them to reply to an email message or by clicking on a link/attachment within the email.

These emails cannot corrupt your device on its own, you have to interact with it. Think:

  • When you receive an email to your University account, consider if you were expecting correspondence on that topic, from that recipient. If you weren’t, and the message is calling for you to act either by sending information, clicking on an active link, or downloading an attachment, first ask the IT Service Desk to confirm its legitimacy.
  • Never tick/check enable macros on attachments, unless you explicitly need to and trust the sender.
  • Don’t run a program if you don’t know where it has come from and you have not chosen to install it yourself
  • Do not provide your username and password, especially if you have any concern over the legitimacy of an email

Further advice can be found on the Information Security website section.

Getting help
UoD IT staff are available 09:00-22:00 Mon-Fri and 10:00-22:00 Sat-Sun. Please log a call for assistance via Help4U if you have any concerns.

Phishing emails | please be vigilant

We have tested and deployed proactive measures to protect student and staff desktops against cyber attacks. The most recent attacks on campus have been through phishing.

What is phishing? 

Phishing is a social engineering technique used by cyber-criminals to steal personal information. It can be used for the purposes of identity theft, fraud or any other malicious attack. Within the University, the purpose of phishing is to obtain your credentials.

The most common phishing attack method is by emails. These authentic-looking messages, usually called phishing scams, are designed to exploit information from the recipients; either by asking them to reply to an email message or by clicking on a link/attachment within the email.

Cyber-criminals often mask the emails to look like they are coming from legitimate businesses or government organisations. Within the University, recent examples are Microsoft and our unverified sender alert.

Educate yourself
These emails cannot corrupt your device on its own, you have to interact with it. Think:

  • When you receive an email to your University account, consider if you were expecting correspondence on that topic, from that recipient. If you weren’t, and the message is calling for you to act either by sending information, clicking on an active link, or downloading an attachment, first ask the IT Service Desk to confirm its legitimacy.
  • Never tick/check enable macros on attachments, unless you explicitly need to and trust the sender.
  • Don’t run a program if you don’t know where it has come from and you have not chosen to install it yourself.
  • Finally, always report suspicious emails as ‘Phishing’ using the instructions in the video below.

Further advice can be found on the Information Security website section.

Getting help
UoD IT staff are available 09:00-22:00 Mon-Fri and 10:00-22:00 Sat-Sun. Please log a call for assistance via Help4U if you have any concerns.

Phishing Alert – Warning Phishing email – please be vigilant

Please be aware a phishing email that has come to light.

Subject: Subject: Office 365 account cancellation confirmation

Above: example of reported phishing email

The phishing email is designed to try and obtain your credentials. If you have clicked on the link in the email and entered your username and password, please change your passwords immediately.

Further advise is available: https://www.dundee.ac.uk/it/services/email/security/

We have reported this to Microsoft to prevent further distribution

Spam Alert – Warning IMPORTANT REMINDER: Storage capacity – Spam

We are receiving notifications that several users have received the following Spam message:

Dear Client,

Your storage space for Office account: JBlog@dundee.ac.uk is almost full.

92% Used

To get additional storage space Click Here.

© 2017
Terms of use Privacy & Cookies

Please do not click – this message is Spam

Further advise is available: https://www.dundee.ac.uk/it/services/email/security/

We have reported this to Microsoft to prevent further distibution

 

Retiring Microsoft 2011 for managed macs

As of the Tue 10 Oct, Microsoft will no longer offer support for Office 2011 on Mac (e.g. Word, Excel, Powerpoint, Outlook etc). If you are using this version on your managed PC, please uninstall it and upgrade to 2016 so you continue to receive security updates.

How do I upgrade to 2016?

  1. Go to the Self Service window on your Mac desktop.
  2. Click the Common/Optional category
  3. Click Install next to Microsoft Office 2016

If you are unable to install this, it may mean that your PC is over 9 years old and cannot run the new update. If this is the case, we would recommend that your device be replaced and that you contact your manager or department head to discuss this.

Uninstalling Microsoft 2011

It is important that you remove the older software, as it is considered vulnerable.

  1. Go to the Self Service window on your Mac desktop
  2. Click the Maintenance category
  3. Uninstall Microsoft 2011

If you would like further support when upgrading, please contact Help4U.

 

Training on how to best use the software

Various OPD courses are available or you can visit Lynda.com.

Fake Invoice Emails

There are fake emails landing in the inboxes of some University Users today.  The original email looks like the following:

From: xxxxxx <sales@dundee.ac.uk>
Sent: Tuesday, September 26, 2017 10:03:58 AM
To: xxxxxx(Staff)
Subject: INVOICE

Dear Sir,

PLEAS FIND ATTACHED YOUR INVOICE AS REQUESTED.

Thank you and Kind regard’s

xxxxxxx
For Techno-Packaging.

P Please consider the environment – only print this e-mail if absolutely necessary

 

If you receive one of these emails, please do not reply to it or click any links in the body of the email – instead, please report the issue to help4u@dundee.ac.uk