Stay safe online

Phishing attacks are unsolicited emails or text messages designed to try and steal your personal details such as usernames and passwords or bank details. They often look like genuine messages from legitimate organisations and usually ask you to confirm personal details or verify your account by clicking on a link that takes you to a fraudulent website that has been made to look like the company's own site. Some will even pretend to be from the University.

Most will be unexpected and will be requesting something slightly unusual and will try to pressure you into acting quickly.  Remember to keep calm, nothing is so urgent that you haven’t got time to check it out.  Nothing is so confidential that you can’t seek advice.

Always be wary of any email that asks you to click on a link and provide sensitive personal information such as banking details or username and passwords. Information submitted on these fraudulent websites is harvested by criminals and may be used to steal money from your account or steal your identity. Most legitimate companies would never request sensitive information from customers via email.

• You should never click on a link from an unsolicited email or text message unless you are absolutely certain where it points to.
• Always hover over a link and have a close look at the URL before clicking on it. If you are using a mobile touch device then press and hold down on a link to reveal the full URL.
• If you are not sure then don’t click it and delete the message.

• Do make sure websites' addresses start with https –especially when you're exchanging sensitive information, such as your bank or credit card details. The 's' on 'https' means 'secure'. These sites encrypt your communication and are safe.

How to spot a phishing email

Criminals can easily crack a weak password. Protect yourself by making your passwords long but easy to use. We recommend you use at least 16 characters. An easy way to do this is to combine three or four unconnected words, adding numbers or other characters if necessary.

• Your passwords shouldn't contain personal information such as birthdays, addresses, phone numbers or names of friends and family members (including your pets).
• Always use a seperate password for different sites and systems
• Make sure you change them regularly
• Use a password manager to help remember all your passwords
  
  Find out more about password managers.
  
  
• Use Two Factor authentication if available

Cyber criminals can collect information about you from various social media platforms such as Facebook and Twitter and use it to build up a profile of you which allows them to impersonate you, open up credit cards in your name or get access to more of your personal information.

• Check your privacy settings on social media sites to make sure only friends can see your information.
• Don't publish everything about yourself to the whole world. In particular, be wary about making information such as your date of birth, home address, financial information and the names of close relatives freely available.

Make sure apply updates to all of your devices' operating systems and software as soon as you are prompted to do so. Software updates often contain security patches to protect you from the latest threats or exploits.

• Don't assume that your mobile device doesn't need antivirus protection. Make sure you regularly run antivirus software or scanning tools on your mobile devices. Android users can download free protection from McAfee via the Google Play store.
• Back up your data so it can be recovered if your device is compromised, lost or stolen.

Never put your Zoom or other online meeting information in a public forum such as a public Facebook group.  If you need to share this information with someone else, share it over a secure platform meant for only them. 

University's Centre for Cyber Security and Privacy - Top tips for staying safe online video