Parking Fine Scam - a number of colleagues have received a spam email regarding parking fines from UKPC Parking Control . Estates & Property Services have advised that the University car park contractor would never send colleagues an email in this way.
You are responsible for all ICT activity that takes place under your username, so protect it with a password and follow these tips:
Help! I've disclosed my password
If you have disclosed your password or think your account has been compromised, change your password immediately. You can do this by..
Although the university's email system incorporates advanced security features, it is important to understand that email security features are never guaranteed to detect all malicious or otherwise-undesirable emails; it is therefore vital that email system users remain vigilant when handling incoming emails.
Messages which, as a result of the University email system's security features, are detected as being offensive are either prevented outright from being delivered to the intended recipient, or they may simply have an offensive attachment removed.
Spam email is the electronic equivalent of junk mail. The term refers to unsolicited, and often unwanted material which is at best, annoying and at worst, malicious – causing considerable harm to your computer and yourself.
Spam emails may feature some of the following warning signs:
Phishing is a scam where criminals typically send emails to thousands of people. These emails pretend to come from banks, credit card companies, online shops and auction sites as well as other trusted organisations. They usually try to trick you into going to the site, for example to update your password to avoid your account being suspended. The embedded link in the email itself goes to a website that looks exactly like the real thing but is actually a fake designed to trick victims into entering personal information.
The email itself can also look as if it comes from a genuine source. Fake emails sometimes display some of the following characteristics, but as fraudsters become smarter and use new technology, the emails may have none of these characteristics. They may even contain your name and address.
Knowing how to avoid scams, spam and phishing is a critical life skill. Fortunately, simple safety measures will help you dodge the risks.
If you have any doubts about the validity of an email, contact the IT Service Desk
We've added some basic guidance to help you maintain the security of your own computer and to avoid the potential loss of the information that you might have saved to it.
Good security management includes:
Anti-virus and anti-malware software helps to protect your computer from viruses, worms and other malicious software. However the protection is only as good as the last update, as new viruses and malware are released every day.
Check that your virus definitions are up to date (View the program's Help - About screen to check for the last update). If more than two days, manually apply an update from the anti-virus provider's site, then disconnect from the internet before:
Also scan and disinfect any external drives e.g. USB memory sticks and disks, otherwise you will keep re-infecting your computer.
If symptoms persist, start the machine in Safe Mode. To do this press F8 during start-up (before the Windows Start-up Menu is displayed) and then select Safe Mode. This means the PC will start-up in a minimal configuration, with only essential parts of Windows loaded. Then repeat the above actions—run the complete scan etc. If symptoms still persist, the only remaining option is to reinstall Windows using the original disks.
If you require further assistance, please bring your device to the IT Drop In
Wrong! This is a commonly held belief. Although Windows based machines are more prone to infection (due to high numbers of Windows users worldwide) Macs can still get virus infected. It is less common for a Mac or Linux run computer to have a virus infection, but virus writers are widening their scope and targeting anything connected to the internet. Anti-virus products are available for these machines, so get searching and apply the same protection principles as advised for Windows users.
Remember that you need to have an up to date operating system and antivirus product before connecting to the University’s network.
Any computer, Mac or PC, connected to the internet is vulnerable to viruses, spyware and hacking attacks. University owned and managed computers should have these security settings and protection as standard. However, if you have a computer/laptop at home or in halls, you'll also need to implement these security measures. It is a lot easier (and much less technical) to protect your computer than you think.
Operating system (OS) - does all the background things to make your computer work e.g. Vista, Windows 7 & 10 or Mac OS X. The OS is only as secure as the day it was written and there are lots of hackers and viruses that take advantage of out of date operating systems, so you must get regular updates.
Microsoft's End Point Protection is the University's chosen anti virus software. By default this will be installed on all University PCs, with definition updates switched on.
The presence of the anti virus software is indicated by the system tray icon:
Common symptoms of a virus infection:
You should contact the IT Service Desk:
Any computer—Mac, Windows or otherwise—connected to the internet is vulnerable to viruses, spyware and hacking attacks. University-owned/managed computers should always have automatic operating system updates turned on as standard.
The operating system (OS) - does all the background things to make your computer work e.g. Windows Vista, 7 or 10, or Mac OS X. The OS is only as secure as on the last occasion when it was updated, and lots of hackers and viruses exploit out-of-date operating systems; so staying up to date with regular updates is imperative. You will receive alerts when updates are released and you are encouraged to install them at your earliest convenience. If the updates are not done, they will be applied automatically a week after release.
An information security incident is an actual or possible breach of the University's security policies and can include:
Report any concerns to the ITS Service Desk. The report is passed to the University IT Security Emergency Response Team (ITSERT) who respond to and manage investigations into information security incidents and ICT Acceptable Use Policy breaches.
ITSERT will deal with all reports in strictest confidence, sharing information only with individuals who need to be involved in the investigation. All information and investigation material will be stored securely.
All investigations are handled in line with the University's Acceptable Use Policy, and with relevant legislation. In some cases, requests for investigation may require completion of an ITSERT Investigation Authorisation form
You should always report your concerns because misuse could damage the University network, be illegal or have a negative impact on the University's reputation. All of these can have a negative effect on your studies or job with the University. By reporting your concerns, you are providing the best opportunity to prevent any recurrence and to limit damage to the University.
Identity theft happens when fraudsters access enough information about someone's identity (such as their name, date of birth, current or previous addresses) to commit identity fraud. Identity theft can have a direct impact on your personal finances and could also make it difficult for you to obtain loans, credit cards or a mortgage until the matter is resolved.
Most people are aware that they should protect their information in real life, for example by shredding documents with financial or personal details. However, there are many ways fraudsters can gather this information online as well. Prevent identity theft by:
The use of computing and networking facilities is permitted by the University on the condition that all users comply with the conditions stated in the following policies:
Users should note that the University's access to the internet is solely through the JANET network and that violations of the JANET AUP could potentially lead to this access being withdrawn.
All users of the University network are required to comply with the approved University Policies, Standards, relevant legislation and contractual requirements, and should seek advice when in doubt.
The University ICT Acceptable Use Policy (AUP) contains common sense rules about use of the University ICT facilities which will protect and preserve the facilities for all users. The AUP prohibits and blocks access to websites and content that are illegal or are categorised as obscene/tasteless; hate and discrimination; malicious content such as virus and spyware, as well as illegal download or upload of copyright protected material using peer 2 peer filesharing.
Copyright infringements (downloading or uploading copyrighted material without the copyright owners permission) constitute theft. It is illegal and therefore affects the University reputation. For more advice on copyright issues go to www.infogov.salford.ac.uk/copyright/ . Using torrent or other peer-2-peer filesharing to download or upload illegally obtained copyright protected material may result in: being disconnected from the University ICT facilities; and having to pay a £100 AUP reconnection fee.
Where there is a justified University business need for an individual to access prohibited websites / material, this can be supported. Please complete and submit the Prohibited Internet Access form to IT Services. The form gives clear instruction on the completion and authorisations, as well as advice required.