Tag Archives: cyber security

Cyber Smart Week 18 – 24 October 2021

Cyber Smart Week is a national awareness campaign, bringing attention to all the little things each of us can do to increase our cyber resilience and protect ourselves from cyber security threats.

Are you still leaving your digital security door wide open?

So many people are hacked every day and it can happen to you – don’t wait until it’s too late to protect yourself and your loved ones.

Start moving in the right direction now. Here are two great links to get your started:

Top tips to protect your cyber security:

Keep yourself updated.
One of the most vulnerable and common channels for attack is outdated software. Cyber criminals have millions of infected machines that continually scan the internet looking for vulnerable devices to attack.

They use holes in software, operating systems and communications, to push their way through the cracks and try to execute code, and once they have a foothold, they can cause a huge amount of damage. Find out how to best look after your devices here>

Taking a break? Lock your laptop
When you step away from your computer, make sure you lock it. We’re not suggesting your colleagues can’t be trusted, but what if you’re out of the room, and then they leave the room too?

Suddenly everything on your computer is available to anyone who passes by. Someone could:

  • send malicious emails from your inbox
  • steal files
  • install and send viruses from your machine
  • install malware that steals your credentials

and many other destructive things – all of which you could be held accountable for because you left the ‘front door’ of your computer open. For best practice when taking your coffee break, click here>

Something smells phishy
Can you imagine the headache you’d have if a hacker got access to your social media, banking, dating, or email login details? But these aren’t things you’d voluntarily hand over, right?

Before opening an email you weren’t expecting to receive, consider these questions.

  • Is the spelling and grammar in the message correct?
  • Does the link and the text match (hover your mouse over the link and you’ll see where it really goes).
  • Does the email urge you to take immediate action?
  • Does the email address of the sender look reasonable given the content of the email?
  • Look at the salutation (does it say ‘Dear Customer’)?
  • Look at the signature, a lack of details or how you can contact the company suggests phishing.
  • Are you even expecting an email from that sender?
  • Is the message asking you to do something unusual? (e.g., buy iTunes cards).

Here’s some top tips to spotting a phishing scam>

If in doubt, talk to ITS. Here’s how to report a cybersecurity incident:

To learn more about Cyber Security here at UC, reach out to our Cyber Programme team>

Protecting ourselves from cyber threats

At UC, we want to help each member of our community to be safer online. In the wake of the recent cyber-attack on Waikato Hospital, we’re urging all UC staff and students to be vigilant with cyber security.

Cybercrime will impact every organisation and individual at some time, and it can take many different forms. Just like in the physical world, there are things we can do to protect ourselves. Through knowledge sharing and action, we can reduce the chances of you being a victim of cybercrime and minimise its impact, should it happen.

Cyber threats are real and can happen to you
It’s not a case of ‘it will never happen to me’. It can. Hackers and cyber-criminals can do amazing things, and access to your device or personal credentials can take a massive toll on your personal and professional life. Please don’t wait until it’s too late. Read more>

Phishing scams – how to spot them and what to do:
Phishing (pronounced ‘fishing’) is a technique used by hackers and other cyber-criminals to trick people into giving over personal details or taking action, often over email.

A phishing scam might ask you to click on a link, get you to open an attachment, download a file or even pay an invoice or bill. These cyber-criminals spend a lot of time setting up lures and scams, making them look convincing and legitimate.

Most modern email providers – like UC’s own email system, Gmail, Office365, Outlook and Yahoo have filters to stop phishing and spam email from getting through, but some still do, and the best protection is awareness.

Only open emails you’re expecting from people you know, and make sure you treat suspicious email appropriately. If you do receive a suspicious email, use the following advice:

Click here for more on Cyber Security Awareness at UC>

For further information contact the IT Service Desk on:

 

Looking after your devices

Do you share thoughts and memories, pictures of holidays, gatherings and other adventures online? Do you share these things on one or more social media platforms?

One of the most vulnerable and common channels for attack is outdated software. Cyber criminals have millions of infected machines that continually scan the internet looking for vulnerable devices to attack. They use holes in software, operating systems and communications, to push their way through the cracks and try to execute code, and once they have a foothold they can cause a huge amount of damage.

Damage could include:

  • stealing your information
  • using your device without your knowledge to spread malware, attack online services, mine cryptocurrency, etc.
  • overriding safety settings on your device and encrypting the data.

To avoid this you should actively keep your device up to date installing updates that are available for your device. Also make sure you keep software and apps on your devices up to date. These updates often ‘patch’ security vulnerabilities that criminals use to exploit devices. Take a few minutes now to make sure your device is up to date.

Other things to consider.

  • Make sure you download software from reputable sources such as Apple App Store, Google Play, Microsoft, Amazon, Steam.
  • If you are getting ‘free’ software, what are you giving the publisher in return? They might be tracking your location or want access to your address book.
  • Use anti-virus and anti-malware tools to scan your device regularly (yes, even MacOS users should do this).
  • Avoid using portable USB storage across multiple devices.
  • Is information on your device backed-up somewhere?
  • Is your device need a password to gain access? – it should.
  • Use a secure browser and think about where you are browsing too, is it ‘legit’?

How to report a cyber security incident at UC

Log a ticket on the IT Self Service portal>
Ring IT Service Desk on 0508 UC IT HELP (0508 824 843) or on 03 369 5000.
Email report-phishing@canterbury.ac.nz and attach phishing email, ensuring header of scam email is included.

If you have any questions, contact the IT Service Desk or visit the desk located in the Central Library. Call us on our free call number 0508 UC IT HELP (0508 824 843) or on 03 369 5000.

Taking a break? Lock your device

When you step away from your computer, make sure you lock it. We’re not suggesting your colleagues can’t be trusted, but what if you’re out of the room, and then they leave the room too? Suddenly everything on your computer is available to anyone who passes by. Someone could: send malicious emails that are apparently from you; steal files; install and send viruses from your machine; install malware that steals your credentials; and many other destructive things – all of which you could be held accountable for because you “left the front door of your computer open”.

Anytime you step away from your computer, even just to grab a coffee or go to the bathroom, lock your computer.

Below are shortcuts to lock your Windows, Linux and Apple Mac computers:

Windows

  • Press ‘Windows + L’ (for Lock).
  • Alternatively, press Ctrl + Alt + Del, then click Lock this computer.

Linux

  • Press the Super key, and ‘L’ (for ‘Lock’). So that’s Win + L.
  • Or if you are running an older version of Linux use Ctrl + Alt + L.

Mac

  • Press ‘Control + Shift + Eject’ or ‘Control + Shift + Power’.

It is shocking what someone can do with your identity: they can get access to EVERYTHING you do on your device which in turn can take a massive toll on the University and you individually, and damage your relationships.

  • You could find all your data has been deleted or encrypted and held for ransom
  • The University network could be locked down – stopping staff and students from being able to work – and requiring millions of dollars and weeks or months to fix
  • You could lose access to your banking and social media accounts
  • Your identity could be stolen
    • Loans and credit cards may be opened in your name
    • Unauthorised purchases may be billed to you
    • You may become a victim of tax fraud
    • You may be locked out of apps and web-based services, forever!! (Losing family photos, thesis papers etc.)
    • Your electronic devices may be used as a tool of cyber-crime (sending spam or spreading malware)

Find out more about cyber security at UC here>

How to report a cybersecurity incident

If you have any questions, feel free to contact the IT Service Desk. Call us on our free call number 0508 UC IT HELP (0508 824 843) or on 03 369 5000.

Tips to spot a phishing scam

Can you imagine the headache you’d have if a hacker got access to your social media, banking, dating, or email login details? But you wouldn’t just hand this kind of information over to a stranger would you?

Hmm, here are some basic tips to spotting a scam.

Consider these before opening an email that you weren’t expecting to receive.

  • Is the spelling and grammar in the message correct?
  • Does the link and the text match (hover your mouse over the link and you’ll see where it really goes).
  • Does the email urge you to take immediate action?
  • Does the email address of the sender look reasonable given the content of the email?
  • Look at the salutation (does it say ‘Dear Customer’)?
  • Look at the signature, a lack of details or how you can contact the company suggests phishing.
  • Are you even expecting an email from that sender?
  • Is the message asking you to do something unusual? (eg. buy iTunes cards).

Together we can make a difference, but what should you do next?

If you think it’s a phishing email or spam:

If the message is plausible:

  • go to the website of the service, or bank yourself (don’t click that link in the email), then log in and see if you have any messages
  • if it’s someone sharing a file or similar with you, contact the person (in a new email not by using ‘reply’) and ask them.

If you’re not be sure, treat it with caution and report it

It it amazing what hackers can do with access to your device, they get access to EVERYTHING you do on that device which can take a massive toll on you individually and damage your relationships.

  • You could lose access to your banking and social media accounts.
  • You could find all your data has been deleted or encrypted and held for ransom.
  • Your identity could be stolen,
    • loans and credit cards may be opened in your name.
    • unauthorised purchases may be billed to you.
  • You may become a victim of tax fraud.
  • You may be locked out of apps and web-based services, forever!! (Losing family photos, thesis papers etc).
  • Your electronic devices may be used as a tool of cyber-crime (sending spam or spreading malware).

See more about cyber security at UC>