Security issue – Android Device users Scam Alert

There have been widespread reports of a new scam affecting Android users called “Flubot”

This is a text-message scam that infects Android phones and is spreading across the UK. The message – which pretends to be from a package delivery firm, prompts users to install a tracking app – but is actually a malicious piece of spyware.

Crucially, it can take over devices and spy on phones to gather confidential data, including things such as sensitive work information or online banking details.

It has been reported on BBC news https://www.bbc.co.uk/news/technology-56859091

If you receive a text message that looks like the one below:
IGNORE: Do not click any links.
DELETE: Remove the text from your phone

British Summer Time and Vision

The clocks in the UK move forward by 1 hour on Sunday 28th March 2021, from GMT to BST (GMT+1). This is how the move to BST will affect Vision.


Blackboard Collaborate Ultra
The time is taken from the end user’s computer’s local time zone for session start and end times. So the times should not be affected by the change to BST.


Turnitin Assignments
Turnitin will move to GMT+1 when the UK moves to BST so deadlines set in Turnitin in the UK should not be affected. Colleagues in Dubai and Malaysia may wish to check as Turnitin Assignments will use GMT+1 instead of GMT after Sunday.


Vision (Blackboard) Assignments, Tests, Adaptive Release
Vision is set to GMT and remains so for the whole year, even when the UK moves to BST. This will affect Tests, Standard Vision (not Turnitin Assignments), and Adaptive Release settings. Therefore an assignment, test or adaptive release rule set for say 10:00am (BST) should be set on Vision for 9:00am (GMT).


Please remind students of the change to UK time from Sunday. If they are outwith the UK, their country of residence may not practice Daylight Saving Time (or the dates may vary from the UK).

Be vigilant for phishing and scam emails

Be vigilant for phishing and scam emails

We regularly receive reports from staff and students of suspicious emails e.g. false vaccination appointments, bogus HMRC tax refunds etc.
These can appear to be very believable and sophisticated and sometimes scammers can take names from university or company websites and then create other email accounts so the sender details look correct.

What to do:
If you think you have received a phishing email to your @hw.ac.uk account
Do not click on any links
Do not open any attachments
Don’t reply to the message

Information Services Help:
To notify Information Services of a phishing email, or you have concerns about whether an email is real or not,  please forward it to phishing@hw.ac.uk  and then delete it.


If you have received a phishing email, accidently clicked the link in it and provided your university credentials (username and password), please send an email to ishelp.hw.ac.uk for assistance.

Accounts that are suspected to be compromised will be blocked automatically for security purposes. 
If your account has been blocked because of this, please send an email to ishelp.hw.ac.uk for assistance.

Information Services are constantly working to make systems including emails as safe and secure as possible.
Planning is underway to implement Multi Factor Authentication for staff and then students to improve staff and student security and their data.

Top tips to help you spot phishing emails

(phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication).

  • Be suspicious of any urgent requests for personal or financial information
  • Be aware: Phishing scams are common at main instalment payment dates or connected to newsworthy events
  • Check that you’re using a secure website when submitting credit card or other sensitive information.
  • Prevention: Your email details may have been taken from a social networking site so avoid disclosing your email address or make sure you hide it on your page
  • Look for tell-tale signs of phishing: Check the quality of the communication. Misspelling, poor punctuation and bad grammar are often good indicators

Warning regarding Sci-Hub website and phishing attacks

Sci-Hub is an illegal website which poses serious security risks and should be avoided by University students and staff.
Police have warned against using websites, and Sci-Hub, in particular that allow users to illegally access scientific research papers. 

The Sci-Hub website will be blocked for accessing on campus but it is important that students and staff do not access the site from home or off campus.

Sci-Hub obtains the papers through a variety of malicious means, such as the use of phishing emails to trick university staff and students into divulging their login credentials. 
Sci Hub then use this to compromise the university’s network and download the research papers” 
The City of London Police’s Intellectual Property Crime Unit (PIPCU) press release

Click & Collect service resuming

We are pleased to be able to reinstate click & collect services for print books at the Edinburgh and Scottish Borders Campuses. We know that this service is very helpful for students this year and apologise for any inconvenience caused while the review of its safety was carried out by the University. This week we are working through the backlog of requests received and revising our service in  the libraries. Further information of the full reinstatement and new process will be communicated early next week.

Phishing emails “vaccination appointments”

Please be aware that there are reports of several phishing emails being sent to HWU staff and student accounts.  Some of these emails claim to be from the NHS about vaccination appointments e.g. “important Book an appointment using the NHS e-Referral Service NHSVaccination” with links to book an appointment. 

If you think you have received a phishing email, do not click on any links, and do not open any attachments. 

If you are unsure if an email is real or not please forward it or screenshot the email content and send it to ishelp@hw.ac.uk 
If you have received a phishing email, accidently clicked the link in it and provided your university credentials (username and password), please contact the IS Helpdesk for assistance. 

Accounts that are suspected to be compromised will be blocked automatically.
If your account has been blocked because of this, please send an email to ishelp.hw.ac.uk for further assistance.

Top tips to help you spot phishing emails

(phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication).

  • Be suspicious of any urgent requests for personal or financial information
  • Be aware: Phishing scams are common at main instalment payment dates or connected to newsworthy events
  • Check that you’re using a secure website when submitting credit card or other sensitive information.
  • Prevention: Your email details may have been taken from a social networking site so avoid disclosing your email address or make sure you hide it on your page
  • Look for tell-tale signs of phishing: Check the quality of the communication. Misspelling, poor punctuation and bad grammar are often good indicators

Digital copying services

The Digital Copies Service from Information Services will enable you to provide Copyright compliant scans of book chapters or articles via the Copyright Licensing Agency’s content store.


The service will provide teaching staff with scans of book chapters or articles for use in Vision. There is a requirement on all staff to ensure that scans are enabled within the limits of the University’s licence with the Copyright Licensing Agency (which applies to all UK campuses).


For more information about the service and how to request a scan, please visit this webpage
Digital copies service – Heriot-Watt University (hw.ac.uk)

New chatbot feature in Collaborate Ultra

Blackboard have updated Collaborate Ultra to include a “chatbot” for users.
The chatbot uses artificial intelligence to respond to user’s queries about Collaborate Ultra. All users can access the chatbot during a live session.
If you find the chatbot answer is not helpful, please contact IShelp@hw.ac.uk for more specific help. Please do not raise a ticket with Blackboard directly.
This will enable IS to track all issues and provide a more HWU specific response to any issues arising.

New training events from Information Services

IS will be running a number of training events over the coming weeks covering

  • Turnitin
  • Using Microsoft Sway to develop interactive materials
  • Using Microsoft Stream for hosting and sharing video content
  • Microsoft Forms
  • Top tips for creating great video content

To view the schedule and book a place on one of the sessions, follow this link http://bit.ly/infoservicestraining

Decommissioning of SharePoint2010 (update for staff)

The Enhancing Online Collaboration project has successfully reached the end of the content migration stage. New SharePoint Online Hubs and Workspaces were created and rolled out in 2020 for use across the different areas of the University.

It is now essential for the SharePoint2010 sites to be decommissioned and this will take place on Monday 8th February from 9:00am GMT.
After this date, it will no longer be possible to access any content on SharePoint2010.

  • Recent Posts

  • Follow HWU_IS on Twitter

  • Archives

  • Categories

  • Subscribe

  • Tags