As any type of fraud, phishing can be extremely damaging and has already claimed victims on campus. Use the tabs below to find out more about phishing - what it is and what risks it poses.
How to protect yourself?
If you receive a suspicious email
- Do not reply, even if you recognise the sender as a well-known business or financial institution. If you have an account with this institution, contact them directly and ask them to verify the information included in the email.
- Do not click any links provided in these emails (or cut and paste them into a browser). This may download viruses to your computer, or at best, confirm your email address to phishers.
- Do not open any attachments. If you receive an attachment you are not expecting, confirm with the senders that they did indeed send the communication and meant to send an attachment.
- Do not enter your personal information or passwords on an untrusted Web site or form referenced in this email.
- Report any suspicious messages that claim to be from DCU or contain a suspicious attachment or link to Google via the Report Phishing option located the right side of each email beside the Reply option. See below.
- Delete the message.
If you responded to a suspicious email
- Contact Information System Services immediately
Never email your personal or financial information
Email is not a secure method of communicating sensitive information. Remember that legitimate financial institutions never ask for sensitive information via email.
Review your credit card and bank account statements
Check your bank and credit card accounts for any suspicious activity or unauthorised charges. Sign up for online statements if you do not already receive them to get the latest information.
Use caution with tax information
Revenue.ie: "If you receive an unsolicited email purporting to be from Revenue with a link to a website you should ignore it. Revenue will never send emails which require customers to send personal information via email or pop-up windows."
Use email etiquette
To ensure that your email isn't mistaken for an infected message:
- Always include a clear, descriptive subject for your email.
- Consider using a signature, your name and contact information, on your email.
- Always include a mention of the attachment and a description of why you are sending it in the body of your email.
- Use a unique password for each of your online accounts. Many people reuse a favourite password for multiple accounts, but if one of these accounts is compromised, they will all be at risk of data breach. ISS recommend that you use a password generator to ensure that the same password is not reused.
- Run a full virus scan of your computer every month. To detect the latest viruses, you must use a current version of your anti-virus software and keep it updated. ISS recommend that you use MacAfee which actively checks your computer for anti-virus software, firewall protection, and web security, and threats in your open applications. Contact ISS for a licence of MacAfee.
- Update your device's operating system with the latest security patches, including your mobile operating system. Use Windows Update (Windows) or Apple Software Update (Macintosh) and enable automatic updates to receive security patches as soon as they are released.
- Keep your software updated, especially your Web browser, mobile operating system, Adobe Reader and Flash Player.
- Restart your computer at regular intervals: ISS recommend that you reboot your computer at regular intervals to ensure that all software patches are deployed, installed and functioning correctly.
Back up your data
Have a recovery system in place so a ransomware infection can’t destroy your personal data forever. It’s best to create two back-up copies; one to be stored in the cloud and one to store physically, in a portable hard drive, thumb drive, extra laptop, etc. Disconnect these from your computer when you are done. Your back up copies will also come in handy should you accidentally delete a critical file or experience a hard drive failure.
All DCU staff and students have access to Google Drive where it is possible to upload and save all files. ISS highly recommend that all files should be backed up to Google Drive
- Upload Files for Storage: Receive unlimited free storage with DCU Apps.
- Share Files: Share files with friends and co-workers easily with DCU Apps Drive.
- Google Docs: When using Drive via your web browser you will have access to the Google Docs suite.
- For Personal Computers: Follow this link to the Google Drive website for installation and instructions.
- For DCU Devices: Follow the simple ZENworks instructions to install it on your machine.
- For Browser Use: We highly recommend you use the Google Chrome web browser to get the most out of Drive.
What is Phishing?
Phishing refers to different types of online scams that ‘phish’ for your personal and financial information (e.g., your passwords, PPS number, bank account information, credit card numbers, or other personal information).
These communications claim to come from a legitimate source: a well-known software company, online payment service, bank, or other reputable institution. Some will use an organisation's email address, logo, and other trademarks to fake authenticity. Phishing messages may also appear to be from a trusted friend or colleague.
Phishing communications can come from a growing number of sources, including:
- Phone calls
- Fraudulent software (e.g, anti-virus)
- Social Media messages (e.g., Facebook, Twitter)
- Text messages
What is spear phishing?
More sophisticated attacks, known as spear phishing, are personalised messages from scammers posing as people or institutions that you trust. They often collect identifiable information about you from social media or the compromised account of someone you know to make their messages more convincing. Never transmit sensitive information over email or social media, even if the communication requesting information appears to be legitimate.
Signs of phishing include:
- Ultimatum: An urgent warning attempts to intimidate you into responding without thinking. ‘Warning! You will lose your email permanently unless you respond within 7 days’.
- Incorrect URLs: Scammers may obscure URLs by using hyperlinks that appear to go to a reputable site. Hover your mouse over any suspicious links to view the address of the link. Illegitimate links often contain a series of numbers or unfamiliar web addresses.
- No signature or contact information: Additional contact information is not provided.
- Too good to be true offer: Communications about contests you did not enter or offers for goods or services at an unbelievable price are likely fraudulent.
- Style inconsistencies: Pop up windows that claim to be from your operating system or other software may have a different style or colors than authentic notifications. Communications that claim to be from a reputable organisation may be missing branding aspects such as a logo.
- Spelling, punctuation, or grammar errors: Some messages will include mistakes. ‘Email owner that refuses to update his or her Email, within Seven days’
- Attention-grabbing titles: "Clickbait" titles (e.g., "You won't believe this video!") on social media, advertisements or articles are sensationalist or attention-grabbing and sometimes lead to scams.
Please familiarise yourself with some of the telltale signs of Phishing
What are the Risks?
Don’t be fooled! These are fraudulent communications that in most cases have nothing to do with the institution they claim to be affiliated with. Opening, replying, or clicking the links provided in these emails poses a serious security risk to you and the campus network.
Some of the risks involved are:
- Identity theft: Once you provide your personal information in response to a phishing attempt, this information can be used to access your financial accounts, make purchases, or secure loans in your name.
- Virus infections: Some fraudulent emails include links or attachments that, once clicked, download malicious software to your computer. Others may also install keystroke loggers that record your computer activity.
- Loss of personal data: Some phishing attacks will attempt to deploy crypto malware on your machine, malicious software that encrypts files on a victim’s computer and denies owners access to their files until they pay a ransom.
- Compromising institutional information: If your university IT account is compromised, scammers may be able to access sensitive institutional information and research data.
- Putting friends and family at risk: If your personal information is accessed, attackers will scan your accounts for personal information about your contacts and will in turn attempt to phish for their sensitive information. Phishers may also send emails and social media messages from your accounts in an attempt to gain information from your family, friends, and colleagues.
What is Ransomware?
Ransomware is a Malware/Virus that stops you from using your PC. It holds your PC or files for ransom. Ransomware can make its way onto a system through a variety of means, with the victim ultimately downloading and installing a malicious application.
Once on the device, the malicious application will spread throughout the system and encrypt files on the hard drive or simply lock the system itself. In some cases, it may block access to the system by displaying images or a message across the device’s screen to persuade the user to pay the malware operator a ransom for the encryption key to unlock the files or system.
What does it look like and how does it work?
There are different types of ransomware, however all of them will prevent you from using your PC normally, and they will all ask you to do something before you can use your PC.
- Prevent you from accessing Windows.
- Encrypt files so you can't use them.
- Stop certain apps from running (like your web browser).
They will demand that you do something to get access to your PC or files.
- Demand you pay money.
- Make you complete surveys.
- There is no guarantee that paying the fine or doing what the ransomware tells you will give access to your PC or files again.
Above is an example of the most recent Ransomware attack.
There are three types of ransomware that are been reported:
- File Encryptor - Encrypts personal files/folders (e.g., the contents of your My Documents folder - documents, spreadsheets, pictures, videos). Files are deleted once they are encrypted and generally there is a text file in the same folder as the now-inaccessible files with instructions for payment. You may see a lock screen but not all variants show one. Instead, you may only notice a problem when you attempt to open your files.
- WinLocker - Locks the screen (presents a full-screen image that blocks all other windows) and demands payment. No personal files are encrypted.
- MBR Ransomware - The Master Boot Record (MBR) is a section of the computer’s hard drive that allows the operating system to boot up. MBR ransomware changes the computer’s MBR so the normal boot process is interrupted and a ransom demand is displayed on screen instead.
Which operating systems are susceptible to this type of attack?
As with a lot of malware, the majority of ransomware is targeted at the Microsoft Windows operating system.
- Avoid opening any attachment emailed to you that you were not expecting or can not be verified from a known source.
- Watch out for emails with attachments suggesting you must reply quickly or 'act fast' and hence, feel compelled to open the attachment quickly - without considering the source.
- It’s essential to check the content of the messages you receive by email. As well as the content of emails, their attachments have become a very common method for propagating malware, which is one of the main means of infection by ransomware. For this reason, practices like checking the sendermessage, taking care of offers that sound just too tempting to resist, checking that it is really an email that has been sent, and not clicking on suspicious links are basic measures to take in order to avoid falling victim to tricks that might result in infection.
- For the record, we are Information Systems Services (ISS) and any communication from us should be personally signed – if in doubt, look up the sender from the DCU phone directory: http://www.dcu.ie/info/staff.shtml
What to do if you think you may be infected
If you think that you may have been infected please contact Information Systems Services (ISS) immediately: iss.servicedesk.dcu.ie or call ISS on (01) 700 5007