Common security threats

Email: Cybercriminals are notorious for including malicious attachments and links in emails that appear to come from trusted sources.

Websites: Many websites exist which if visited will attempt to infect your computer with malware. When browsing the internet ensure that you visit only trustworthy sites.

Unsecured networks: Connecting to unknown networks can leave your device vulnerable to malware. Public wireless access points are especially insecure.

• Install anti-malware software onto your computer and run periodic full system scans.
• Do not open email attachments from unfamiliar sources.
  
• Be cautious when browsing the web, do not visit a site which does not look legitimate.
• Be cautious with USB drives. Do not connect unknown USB drives to your computer.

• Popup ads appear even when your browser is not open.
  
• A security program you didn't install displays warnings.
• Posts that you didn't write appear on your social media pages.
• A program holds your PC for ransom.
• Suddenly you can't use common system tools.

For staff: 

1. Disconnect your computer from the internet.
2. Contact IDS Service Desk. 
3. Change your passwords from an uninfected computer.

For students: 

1. Install anti-malware/antivirus software to attempt to remove the malicious software. Ensure that you run a full scan of your system.
   
2. If antivirus not successful disconnect computer from internet.
3. Change your passwords from an uninfected computer.
4. Restore – Seek malware removal servies.

• Contains unusual links
• Asks recipient to provide personal details
• Appears to be from a well-known organisation 
• Official looking logos
• Unusual attachments
• Spelling mistakes

• Report the email.
• DO NOT click on any links in the email.
• DO NOT supply any personal information of any kind as a result of the email.
• DO NOT reply to the email or attempt to contact the senders in any way.
• DO NOT open any attachments that arrive with the email.
• DELETE the email from your computer as soon as possible.

• Delete any unsolicited email from an organisation (Flinders or otherwise) that asks you to provide sensitive personal information or account information.
• Never click on a link in an email, always manually type website addresses into your browser/search engine instead.

It is imperative that you act quickly to protect your Flinders University account.

• Report the email.
• Change your password immediately by visiting the Change your FAN password webpage.

At the University, 70-80% of our emails are rejected as spam. Although most of the spam sent to Flinders University email addresses is filtered, some of it may inadvertently slip through.

Spam can easily be identified by:

• The email address. A long string of alphanumeric characters before the @ suggests the email is spam.
• What comes after the @. Emails from respected companies or well-established websites will not have an email address from a provider such as accounts.flinders@gmail.com.
• A sense of urgency. If the email demands action is taken quickly, it is a reasonable indication of spam.
• Links within the message. A legitimate email from a respectable company would ask you to log into your account to make changes, not via an email link.
• Grammatical and spelling errors within the email message.

Spam and phishing emails are closely linked and are often confused however may both have undesirable consequences to University and personal information.

Stay vigilant, do not follow links or open attachments in emails that you do not recognise.

1. Report the email.
2. Delete it from your inbox, ensuring that you do not open any attachments or follow any links within the email.

The University maintains anti-virus and email filtering technology to minimise the likelihood of spyware infections.

You can further reduce risk of infection when using a University device by:

• Only downloading files from reputable sources and in formats that you recognise.
• Be security conscious, do not open email attachments from unfamiliar sources.
• Be cautious when browsing the web, do not visit a site that does not look legitimate.
• Trust your instincts – if it doesn’t look right, it probably isn’t.

• New toolbars added to your browser without your knowledge.
• Your browser navigation gets redirected.
• Your homepage, mouse pointer or search engine changes unexpectedly.
• Popup ads appear even when no browser is open or the internet is not connected.
• Computer performance has noticeably declined.

For staff: 

1. Disconnect your computer from the internet.
2. Contact IDS Service Desk. 
3. Change your passwords from an uninfected computer.

For students: 

1. Install anti-malware/antivirus software to attempt to remove the malicious software. Ensure that you run a full scan of your system.
   
2. If antivirus not successful disconnect computer from internet.
3. Change your passwords from an uninfected computer.
4. Restore – Seek malware removal servies.