Phishing emails – “Annual refund”

Phishing emails “Heriot-Watt University – Valuation Office Agency – Annual refund”

A high volume of phishing emails have been received by staff and students this afternoon.  Some are requesting bank details for refunds similar to the example below.

Do NOT click on the link in the email 

Phishing email example

If you think you have received a phishing email

  • DON’T click on any links
    DON’T open any attachments
  • Forward the email to abuse@hw.ac.uk
  • Delete it

Top tips to help you spot phishing emails

  • Be suspicious of any urgent requests for personal or financial information
  • Be aware: Phishing scams are common at main instalment payment dates
  • Check that you’re using a secure website when submitting credit card or other sensitive information;
  • Prevention: Your email details may have been taken from a social networking site so avoid disclosing your email address or make sure you hide it on your page
  • Look for tell-tale signs of phishing: Check the quality of the communication. Misspelling, poor punctuation and bad grammar are often good indicators

 

Heriot-Watt secures Cyber Essentials Plus accreditation #InformationServices

We have recently been awarded Cyber Essentials Plus accreditation in information security following an audit by a Scottish Government approved assessment body, ID Cyber Solutions.

The UK government scheme, which is specifically designed for public sector organisations in the UK, is a globally recognised certification that serves as a kite mark for industries around the world and is increasing becoming a requirement for research funders.

Receiving the certification is testament to our commitment to cyber security. It is also a demonstration of our commitment to continuous process improvement and safeguarding data

Kathy McCabe, Global Director Information Services

The certification covers the entire range of IT services provided within the university. It includes an assurance framework and a set of security controls to protect information from threats coming from the internet. Cyber Essentials Plus includes additional independent testing which requires an on-site technical assessment.

We achieved accreditation by the 31st October 2018 target date set out by the Scottish Government as part of its Cyber Resilience Strategy for Scotland, making it the largest Scottish University of our size and complexity to achieve the CE+ certification to date.

Kathy McCabe, Global Director of Information Services labelled the certification a huge achievement and an absolute credit to the teams involved”, saying it was the “culmination of many thousands of hours of work undertaken by an institution-wide team of dedicated colleagues.”

She added: “Receiving the certification is testament to our commitment to cyber security. It is also a demonstration of our commitment to continuous process improvement and  safeguarding data. But more than that, it provides the necessary accreditation to access funding from a range of funders, a proactive step giving Heriot-Watt an advantage over other HEIs/competitors.” 

Congratulations to everyone involved.

Cyber-EssentialsPlus-forweb (1)

‘Payment submitted’ – spam and phishing emails

Phishing emails with ‘Payment submitted’  in the subject line similar to those below are doing the rounds – please beware

spam emailIf you think you have received a phishing email

  • DON’T click on any links
    DON’T open any attachments
  • forward the email to abuse@hw.ac.uk
  • delete it
  • Recent Posts

  • Follow HWU_IS on Twitter

  • Archives

  • Categories

  • Subscribe

  • Tags