It is vital that we as users take cyber security issues very serious, it is important to be made aware of the risks and what we can do to minimise the impact of Spam and Phishing attacks on our internal and external IT systems.
Hackers are getting smarter, they change their tactics daily, and because of this it has become very difficult to defend against all the variations of phishing and spam.
With the increase of our data being online, data mining apps, spam and phishing e mails are on the rise and we can all do our bit to help reduce these types of security breaches.
There are things we can do as end users to protect ourselves and others here at Cardiff Met.
Avoid clicking messages and email links even if they are from people you know: phishing through embedded links is a trick hackers use to steal personal information.
Were you expecting that e-mail with a link? If in doubt do not click it.
You can hover over a link with your mouse to see the destination URL. If the URL does not match what the text says, it's not a good idea to click on the link.
Use strong passwords, avoiding phrases or personal information that are easy to guess.
Update and upgrade your systems, antivirus software, and browsers regularly.
Do not give out personal information to people who claim to know you or claim to be representing a service or company you use.
Be careful when downloading files, because hackers' tricks include hiding malware in safe-looking links.
Check the "from Line" has it come from a trusted company?
As a rule of thumb, do not open attachments that you are not expecting. If a sender does not normally send you attachments, this is a sign that it could be a fraudulent email. In addition, if the attachment has a strange file type such as .exe or a duplicate file type such as .xls.xls you should not download or open it.
Setup your own Spam rules http://study.cardiffmet.ac.uk/IT/Flash/Pages/anti-spam.aspx
Examples of recent spam
Some example of the phishing e mails we have had, if you receive these type of e mails please delete ASAP: (the button could be any colour such as red, blue or green)
You may receive an e mail which has something like the below
Please take note that any link that starts with https://emea01.safelinks.protection.outlook.com has been scanned by our Threat management tools, but this does not mean the link is 100% safe. If you look at the link you will notice there is a section "URL=link.com/site.php" you need to inspect this part of the link, as this is the site you will go to if you click it.
If the address is not something you recognise, then please do not click the link. If it is something you are expecting and the link looks safe to click then please do with caution.
In the example above this is a Phishing e mail and should be deleted.
If you feel you have clicked these links or your account has been compromised then please get in touch with Helpdesk and they can advise of the next steps to take.
If you take one thing away from this; please be vigilant when clicking links, even if they are from someone you know. If in doubt do not click that link.