IT Services would like to remind students to exercise caution whilst accessing emails over the festive period to minimise the likelihood of falling victim to phishing, fraud or seasonal scams. Unfortunately, the threats to both your individual and USW’s information security is particularly high at this time of year.

We would like to highlight the following guidance to help ensure your continued safe use of USW IT systems and data:

A wealth of advice on how to keep yourselves secure online can be found on the UK's National Cyber Security Centre website.

Getting a new mobile phone this Christmas?

If you currently use a personal mobile phone to access USW data and services, it is important to update your Multi-Factor Authentication (MFA) information to ensure continued access to your IT account.

Please follow guidance on the IT Account Access and Amendments page.

It is important to note that your old phone will be required to setup USW access for your new phone, so it's crucial to not wipe or dispose of it prior to completing the process. We also strongly recommend the use of the Microsoft Authenticator app as your default MFA method - guidance on how to install the authenticator app can also be found in the link just above.

What do I do if I receive a suspicious email?

Please forward the suspicious email to [email protected].  Please add into the email the details of your concerns, including a telephone number that we can reach you on over the festive period and a timeline of the activity of which you are concerned. Do not reply to the email, open any of its attachments or click on any of its links. If you have been prompted to enter your password and done so as a result of opening an attachment or link, then please reset your password beforehand as outlined in point six below.

How do I know if an email is suspicious?

Follow these guidelines:

1. Does the email appear to be genuine? If in any doubt – DO NOT open an email, unless you are 100% confident of the sender. If an email is marked as urgent or important and is actually genuine, the sender is likely to use other methods to contact you. Alternatively, contact the recipient using contact details you already have, or obtain legitimate contact information yourself from the internet.

2. Learn to recognise what an email from within the University or other genuine source usually looks like. During past attacks on USW systems, the subject message was 'IT DESK:-' - this differs from our typical IT response which comes from IT Support POB and has the standard subject line ‘Re: Case Cxxxxx’ (where the xx’s are replaced with a number). Anything different should raise a warning flag.

3. ‘Phishing’ emails often ask you to click a link and/or enter your user credentials. Attackers typically try to encourage recipients to access ‘fake’ portals, sign-in pages, or to respond to what seems to be a legitimate source. Even worse, they can instil a feeling of panic to force a response, such as urgent responses required to security breaches, critical updates / events or overdue contact from government departments to name a few.

4. Be mindful that all is often not as it may seem. Some emails may appear to come from certain individuals but hovering the mouse over the email address may display the true address. If the email comes from an established contact but the content seems out of character, it could indicate that the sender account has been compromised.

5. Be wary of emails that require you to open attachments or click on links. Only open attachments/links from trusted sources and if you are expecting them.

6. If you have clicked a link and entered details, change your password immediately on a different device by going directly to the University Self-Service Account Administration system and forward the suspicious email to [email protected].

Who should I contact if I need to raise an information security concern?

Please send an email with your contact number to [email protected].

How will I know if there is a significant IT security incident over the festive break?

If there is an IT Security Incident over the Christmas Break, a message will be placed on Connect and our IT Status page with a corresponding all-staff email with a subject of “IT SECURITY INCIDENT AS AT xx xx 22/23”.

Do not open any suspicious email. Go straight to the USW IT Status page to get details of the issue and what, if anything, you need to do.