4 September 2017

Welcome back! How about a quick refresher course?

Nice, the holidays: a few weeks of not having to think about work, other students or the coffee machine. You were probably not thinking either about your passwords or all the good habits you learned after all the fuss about the massive ransomware attacks. How about a quick refresher course on working safely? Here it is in a nutshell.

Step 1: Secure your workplace

Starting with the basics: secure your PC or laptop when you leave your workplace. There’s a simple hotkey combination for this. Learn it off by heart and the more often you do it, the more it will come automatically. This will prevent someone from sniffing around in your files or emails without you knowing. 

  • On a Windows computer: press the key with the Windows logo in combination with the L key. Your PC will automatically be secured.
  • On an Apple computer: press the Control, Shift and Power keys simultaneously. Your monitor will go blank and your system will be secured.

Step 2: Don’t be fooled by phishing emails

This is more difficult because phishing emails are becoming increasingly smart. Nonetheless, there are a number of elements you can use to identify suspicious emails. Check the following aspects:

  • Does the sender’s name correspond with the actual email address? Often the two don’t really match.
  • Is the salutation not what you’re accustomed to from the organisation or person concerned? For example, “Dear Sir/Madam”, while you’re always addressed by your first name?
  • Are you being asked to give personal details or to check them by clicking on a link? Legitimate organisations will never ask for such details. Never click on the link!
  • Is there an attachment? Never open an attachment, and be critical of the file name, which is often vague or incorrect. A reliable organisation would also never send you an invoice in a .zip file. It probably contains malware.

In short:

Be wary of anything suspicious. Consider whether it would be logical for you to receive an email from this person or for them to ask you such questions or make such requests. Is it logical for you to receive an email from this department related to this subject? Were you expecting to receive an email?

Don’t just click on anything. Go to the sender’s website directly instead of clicking on the link. Check where the link would redirect you to by passing over the link with your cursor. Tip: you can do this on touchscreen devices as well by holding down the link for a while. 

Opened a phishing email by mistake? Immediately contact the IT Service Desk at +31(0)30 253 4500.

Any questions? Send an email to informatiebeveiliging@uu.nl.

Let’s make it a safe academic year together!