Cyber security advice and phishing emails

The University never asks you to disclose your password. This includes all departments across the university.

You should never disclose your password to anyone

We also never:

ask you to 're-validate' your account
threaten to block your email account because you have exceeded your storage limit or because you have used a new device you have never used before
ask for your password in order for your account to be upgraded
ask for your password for any other reason

If you ever receive any such emails, never reply and do not click on any links - please delete it immediately (and delete it from your deleted items).

Simply opening an attachment can render you susceptible to a ransomware attack.

Please report any suspicious emails to the University of Roehampton Cyber Security Incident Response Team: uor-csirt@roehampton.ac.uk

Please remember to keep changing your password on a regular basis, using the Password Self-Service.

Phishing emails - what to look for

Is the email expected ? Most phishing emails come out of the blue, if they do - be suspicious
Never automatically click on a link in an unexpected email
Always be suspicious of emails that ask you to visit a third party website - if you weren't expecting the email and don't know the sender - don't click on the link
Phishing emails may appear to be from the University of Roehampton - always check the actual email address they were sent from (roll your mouse pointer over the link to reveal its true destination).
Be wary of attachments as these can contain viruses. If in doubt - do not open the attachment

If in doubt - check with the Cyber Security Incident Response Team uor-csirt@roehampton.ac.uk before clicking on any links; opening any attachments or downloading any files

Many scam emails have the same characteristics:

They ask you for personal details
Can be offering something too good to be true
The email address that appears when replying does not match the address that the original email comes from
There are spelling mistakes

Further information:

CyberAware: www.cyberaware.gov.uk
Get Safe Online: https://www.getsafeonline.org/
Action Fraud: http://www.actionfraud.police.uk/fraud-az-phishing
Guidance issued by HM Revenue and Customs. Examples of websites; emails; letters; text messages and phone calls used by scammers and fraudsters
Citizens Advice