Update: Thursday 19th March at 16.00
The Information Security team at Oxford University have observed an increase in malicious email activity exploiting the Covid-19 situation. For example, cybercriminals are seizing on the likelihood that people are working from home and may be susceptible to strange service messages. Recipients may receive branded emails which appear to be non-delivery alerts, or missed call or voicemail service messages. A link in these credible-looking messages will take you to a fake login page which, if you enter your details, will steal your SSO credentials and personal details and compromise your account.
Familiarise yourself with the normal services available to you as a member of the University. If you have received something for the first time, then exercise caution. Check the email sender or the address bar of web pages and, if you are uncertain, then don’t engage with it. Send your suspect email, complete with message headers, in a new message to email@example.com for analysis and advice. Please include in your message to our security team details of how you received the message, whether you followed any instructions in that message (e.g. clicked on a link), and if so what information you have disclosed.
Further detailed advice and guidance on how to keep yourself safe online is available on the Information Security webpages.
For further updates regarding COVID-19 please visit the University guidance pages.
Working from home securely - what you need to know
Please review the guidance on remote working and get yourself prepared in advance (including testing from home).
To protect yourself and the University, make sure that you:
Phishing emails – Further guidance.
Cyber criminals will exploit real-world events to attempt to access your personal data. Just this week, cybersecurity professionals identified a bevy of new threats ranging from coronavirus-themed malware attacks to booby-trapped URLs and credential stuffing scams.
The World Health Organisation (WHO) is aware of suspicious email messages attempting to take advantage of the 2019 novel coronavirus emergency. Because these are new messages and links to new sites that you may wish to visit, they can be very difficult to tell apart from the real thing.
What phishing emails look like
There are several tell-tale signs that may be exhibited by phishing emails:
- Asking you for a password, PIN or other personal information.
- Warning you about some problem or imminent threat (for example: “If you don't respond within 48 hours, your account will be closed”).
- Using technical jargon and an incentive to part with your data (for example: “We are asking for your password as we are refreshing our database to create more space for you”).
- Asking you to open an attachment or make a donation.
- Relating to news items and upcoming public events (for example WHO donation requests).
- Poor spelling and grammar.
- Using generic greetings such as “Dear Patient” or “Dear Email User”.
- Using a fake ('spoofed') email address - perhaps even your own!
Here’s what to do to avoid getting caught out by phishing attacks at Oxford:
- Check the address bar in a web page. Look for a padlock symbol indicating that the site has a security certificate. Never enter SSO credentials into strange sites.
- Use official channels to reset your password or check your quota (select ‘show email usage and quota’).
- Report phishing attempts targeting University credentials to firstname.lastname@example.org and include the original phishing email as an attachment.
- Report other phishing emails to the target institution.
- Delete phishing emails after reporting.
- Use the University mail filtering for spam.
Continue to be our first line of defence!