MyGlasgow News

IT Services have issued fresh advice to University staff aimed at keeping everyone safe from internet crime. Very often bogus emails are disguised as Admin or Helpdesk messages.

The Internet is saturated with bogus emails attempting to obtain passwords by deception.  Around 90% of all email received at the University is blocked by automated measures designed to catch bogus messages.

The organised criminals who are behind these attacks are changing their tactics constantly, and becoming more and more sophisticated in how they operate.

“Spear phishing” encourages URL click-through by incorporating details about the victim – name, postal address, employer, partial account number – to foster trust and compliance.

It is inevitable that most people will receive fraudulent emails from time to time, so please be vigilant. With some simple steps you can make sure your data, your devices and your personal details are secure and protected.

• You should never respond to an email from any source asking for account details.
• The University will NEVER ask you for your password in an email.

You may receive email where the sender details are faked, appearing to come from some part of the University, such as IT Services, "The Helpdesk", or "The System Administrator".

• Treat all unsolicited email with suspicion, regardless of who the sender appears to be.
• Avoid clicking on links, or opening attachments in unsolicited email.
• Never send passwords by email.
• When visiting a web site that requires a password, always carefully type the URL address by hand, or better still, use a "known-good" bookmark.

For further advice about information security please visit http://www.gla.ac.uk/infosec

---

First published: 25 October 2013