Security issue – Android Device users Scam Alert

There have been widespread reports of a new scam affecting Android users called “Flubot”.

This is a text-message scam that infects Android phones and is spreading across the UK. The message, which pretends to be from a package delivery firm, prompts users to install a tracking app, but the app is actually a malicious piece of spyware.

Crucially, it can take over devices and spy on phones to gather confidential data, including things such as sensitive work information or online banking details.

It has been reported on BBC news https://www.bbc.co.uk/news/technology-56859091

If you receive a text message that looks like the one below:
IGNORE: Do not click any links.
DELETE: Remove the text from your phone

Be vigilant for phishing and scam emails

We regularly receive reports from staff and students of suspicious emails e.g. false vaccination appointments, bogus HMRC tax refunds etc.
These can appear to be very believable and sophisticated and sometimes scammers can take names from university or company websites and then create other email accounts so the sender details look correct.

What to do:
If you think you have received a phishing email to your @hw.ac.uk account
Do not click on any links
Do not open any attachments
Don’t reply to the message

Information Services Help:
To notify Information Services of a phishing email, or if you have concerns about whether an email is real or not, please forward it to phishing@hw.ac.uk and then delete it.


If you have received a phishing email, accidentally clicked the link in it and provided your university credentials (username and password), please send an email to ishelp.hw.ac.uk for assistance.

Accounts that are suspected to be compromised will be blocked automatically for security purposes. 
If your account has been blocked because of this, please send an email to ishelp.hw.ac.uk for assistance.

Information Services are constantly working to make systems including emails as safe and secure as possible.
Planning is underway to implement Multi Factor Authentication for staff and then students, to improve the security of staff and students and their data.

Top tips to help you spot phishing emails

(phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication).

  • Be suspicious of any urgent requests for personal or financial information
  • Be aware: Phishing scams are common at main instalment payment dates or connected to newsworthy events
  • Check that you’re using a secure website when submitting credit card or other sensitive information.
  • Prevention: Your email details may have been taken from a social networking site so avoid disclosing your email address or make sure you hide it on your page
  • Look for tell-tale signs of phishing: Check the quality of the communication. Misspelling, poor punctuation and bad grammar are often good indicators

Phishing emails “vaccination appointments”

Please be aware that there are reports of several phishing emails being sent to HWU staff and student accounts.  Some of these emails claim to be from the NHS about vaccination appointments e.g. “important Book an appointment using the NHS e-Referral Service NHSVaccination” with links to book an appointment. 

If you think you have received a phishing email, do not click on any links, and do not open any attachments. 

If you are unsure whether an email is real or not, please forward it or screenshot the email content and send it to ishelp@hw.ac.uk.
If you have received a phishing email, accidentally clicked the link in it and provided your university credentials (username and password), please contact the IS Helpdesk for assistance.

Accounts that are suspected to be compromised will be blocked automatically.
If your account has been blocked because of this, please send an email to ishelp.hw.ac.uk for further assistance.

Phishing emails – “Annual refund”

Phishing emails “Heriot-Watt University – Valuation Office Agency – Annual refund”

A high volume of phishing emails has been received by staff and students this afternoon. Some are requesting bank details for refunds similar to the example below.

Do NOT click on the link in the email 

Phishing email example

If you think you have received a phishing email

  • DON’T click on any links
  • DON’T open any attachments
  • Forward the email to abuse@hw.ac.uk
  • Delete it

Top tips to help you spot phishing emails

  • Be suspicious of any urgent requests for personal or financial information
  • Be aware: Phishing scams are common at main instalment payment dates
  • Check that you’re using a secure website when submitting credit card or other sensitive information.
  • Prevention: Your email details may have been taken from a social networking site so avoid disclosing your email address or make sure you hide it on your page
  • Look for tell-tale signs of phishing: Check the quality of the communication. Misspelling, poor punctuation and bad grammar are often good indicators

 

Ransomware attack

You will have noticed the high profile ransomware attack that has been in the news over the past few days. (http://www.bbc.co.uk/news/technology-39915440)

Information Services are monitoring our systems and have the necessary precautions in place to minimise the risks from ransomware; however, staff and students should remain vigilant at all times.

In particular, please be suspicious of any emails received from unknown sources with attachments or links:

  • Do not click on suspicious links
  • Do not open email attachments
  • Forward the email to abuse@hw.ac.uk
  • Do not plug in unattended USB devices that are found

Typically ransomware will be hidden in emails that look like invoices for goods, communication from the tax office (HMRC) or your bank, requests to authenticate your accounts (confirm your user name and password) following an update etc.

If you use a machine that is not on the managed desktop please ensure that you

  • Update all Anti-Virus
  • Have a backup in place and that it is operational
  • Use minimal user permissions where possible

Can we remind all users to log out from their machines at the end of the working day. Information Services apply updates and patches to managed machines overnight and some patches do not apply until a machine is restarted.

If you have not logged out and restarted your machine for a few days please do so.

See https://www.getsafeonline.org/protecting-yourself/ransomware/ for more information on protecting against ransomware.

Email Attachments containing .exe .vbs or .scr files

The Heriot-Watt email system will no longer allow the distribution of zipped email attachments containing .exe .vbs or .scr files (attachments will be removed from messages).

These file types are considered high risk as they are often used by spammers and phishers to distribute viruses and malware by email.

This change will come into effect w/c 8th June 2015.

If you have any queries regarding this change please contact the IT Helpdesk (ITHelp@hw.ac.uk).
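The rule described above (remove zipped attachments that contain .exe, .vbs or .scr files) can be sketched as follows. This is an added example, not the Heriot-Watt mail system's own code; the function names, the handling of unreadable archives and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

BLOCKED_EXTENSIONS = (".exe", ".vbs", ".scr")  # the types named in the notice


def blocked_members(zip_bytes):
    """Return zip member names whose final extension is blocked (case-insensitive)."""
    try:
        with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
            names = archive.namelist()
    except zipfile.BadZipFile:
        return []  # unreadable archive: assumption, a real gateway sets its own policy
    return [n for n in names if n.lower().endswith(BLOCKED_EXTENSIONS)]


def strip_risky_zips(raw_message):
    """Drop zip attachments holding blocked files; return (message, report)."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    report = {}
    for part in list(msg.iter_attachments()):
        filename = part.get_filename() or ""
        if not filename.lower().endswith(".zip"):
            continue
        hits = blocked_members(part.get_payload(decode=True))
        if hits:
            report[filename] = hits
            msg.get_payload().remove(part)  # remove the attachment, keep the body
    return msg, report


def build_sample():
    """Constructed message: one zip with a blocked member, one harmless zip."""
    msg = EmailMessage()
    msg["Subject"] = "Constructed sample"
    msg.set_content("See attached.")
    for fname, member in (("invoice.zip", "Invoice.PDF.EXE"), ("notes.zip", "notes.txt")):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as archive:
            archive.writestr(member, b"constructed sample data")
        msg.add_attachment(buf.getvalue(), maintype="application",
                           subtype="zip", filename=fname)
    return msg.as_bytes()


if __name__ == "__main__":
    print(strip_risky_zips(build_sample())[1])
```

Matching on the last extension only is what catches double-extension names such as `Invoice.PDF.EXE`, which are chosen to look like documents.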

10 top email tips for students…

Basic email etiquette can help make your email communications go more smoothly, and also help you establish some best practice to take with you into your professional lives.

As a general rule it is best to have at least 2 email accounts – your business (university or work) email and your personal one (for friends and family) – and not to mix the two.

This is one of my longer posts…but stick with it…hope you find it useful.

  • Please note that email communications from Heriot-Watt University (e.g. from Registry, Information Services, Finance, your School etc) will be sent to your @hw.ac.uk address – and we prefer you to use your @hw.ac.uk email address when contacting us.

There are two types of email

Informal email is meant for emails to your friends, colleagues and (since we’re pretty informal at University) University staff.

Formal email is for when you write emails about job applications, interviews, internships, funding etc.

  • It might also pay to err towards formality when emailing anybody within the university that you don’t know very well (maybe someone outside your home School). Very few people are offended by somebody being too polite.

Informal emails

1. Start by addressing the person you’re writing to
“Dear Moira” is fine – most members of staff don’t mind being called by their first name (but you might like to double check with your lecturer/professor). It may be more formal for some countries/campuses/cultures – so go with whatever is acceptable practice for your environment.

If you don’t know the person you are emailing, or are contacting them for the first time, you might prefer to use their title – e.g. “Dear Dr Smith”.

If you want to be more informal then “Hi Moira” or “Hello Moira” would be fine.

Addressing the person at the start of the email is especially important if you’re writing an email which is copied to several people – if you don’t then it’s possible that everybody will think the email is intended for somebody else (and therefore do nothing). If you are writing to a generic mailing list you could start with “Dear mailing list” or “Dear All”.

2. The email should be short and to the point – and have a relevant Subject line
Rambling on and off the topic is never good and tends to obscure the actual meaning of the email.  Subject lines like “Help!” or “I’m stuck” –  or a blank subject line – aren’t particularly helpful to the recipient.

3. Manners aren’t optional
A “please” and “thank you” are always appreciated. And requests formed as a question rather than a command e.g. “Can I have an extension” rather than “I want an extension” or “Give me an extension” – are usually better received.

4. Use correct grammatical English
Remember that you are at University! Also avoid text-speak and obscure acronyms e.g. AAK (this one is maybe not that obscure…)

5. Provide enough detail
If you’re asking for an extension then say which course you need the extension for. If you are having an IT problem give as much information about the problem as you can. It will save the recipient having to write back to ask for more info.

6. Use normal capitalisation
Names, dates, places, most acronyms and the start of a new sentence should be capitalised. Entire sentences shouldn’t.

7. Size matters
Don’t send large attachments – compress files if necessary. Even if your email system can cope with the file you are sending your recipients might not be able to. Watch your file names too – you don’t want things like report.doc.doc – some systems might block it.

8. Sign off with your name
It’s also usual to have a “closing salutation” such as “Best regards”, “Best wishes” etc. (“Cheers” is OK between friends but probably too informal for general use).
See Formal emails, point 5 for more options.

9. Be patient
Staff won’t be sitting around just waiting for your email – they’ve lots of other things they need to be doing – so try to allow at least 2 or 3 days before you chase anything up.

10. Don’t send an angry email
If you are angry or upset about something – don’t put it in an email until you have calmed down a bit. It might be better to phone the person or talk to them face to face if you can. Angry emails can often make a bad situation worse.

OK – that was the 10 tips (so these are the ones I was counting…) – but there are a few more below you might find useful…

Formal emails

Most of the above applies – only in a stricter manner.

1. Address the email
If you know the name of the person you are writing to, use both their title and name e.g. “Dear Dr Smith”. Most academic staff will be “Dr” or “Professor” but this is not always the case. Most academics prefer “Professor” to “Prof”. If you don’t know the name of the person then use “Dear Sir or Madam”.

2. Use correct, grammatical English
I realise I’m repeating myself but this is especially important if you’re applying for a job. Why should anybody employ somebody who has low standards in their professional work? It’s also worth using a spell checker for important emails.

3. Choice of email address
Give consideration to which email address you use. Formal emails are usually best from a professional sounding email address – so if you don’t want to use your @hw.ac.uk address, and your personal email is something like friskylady69@hotmail.com, you might like to create another personal email account with a more appropriate name for job applications etc.

4. Closing salutations
If you are writing a formal paper letter you should use
“Yours sincerely” if you address the letter to a particular named individual e.g. “Dear Dr Jones”
“Yours faithfully” if you address the letter to a generic “Dear Sir or Madam”

This rule can be applied to formal email as well.

Use your full (not your contracted) first name when signing off – even if all your friends call you Mikey – sign off with “Michael” and your surname.

Video

A short video highlighting some of the key points https://www.youtube.com/watch?v=oSetOU4kvxM

And one last thing to bear in mind

  • Emails are not a confidential medium – once you’ve clicked Send you are no longer in control of the information you have sent (also the case when posting to social media sites – it can go global before you know it!). Always do a final check – is it going to the right person, does it say the right thing, have you attached the correct file?

 

Sources (with modification)

https://www.cs.bham.ac.uk/~mgl/guides/email_etiquette.html

Closure of old email service – 12th May 2014

Information Services will be starting the process of closing down the old Exchange 2003 email service on Monday 12 May 2014.

Initially we will be switching off the old webmail service at https://webmail.hw.ac.uk/exchange

This will also prevent access to the old email service from smartphones and other devices.

If you believe you are still accessing your email from this service then please contact the IT Helpdesk (ithelp@hw.ac.uk or on extension 4045)
