Carrying on from our security focus over the
past two weeks, we have seen a dramatic increase in the number of phishing
attempts directed at the education sector. Phishing is the attempt to
obtain sensitive information such as usernames, passwords, and credit card
details (and, indirectly, money), often for malicious reasons, by disguising as
a trustworthy entity in an electronic communication. They are often
sophisticated and look genuine.
Recent examples have had subject lines like
"You have received a secure message" or "Matt has a secure
message waiting for you". The content then has various legitimate
logos and words inviting you to collect your document via link. To the
trained eye there is something not quite right about them.
You can learn how to spot phishing email
messages by reading the eSolutions intranet page at http://intranet.monash.edu.au/esolutions/news/protect-your-email.html.
Ransomware
Often these phishing attempts result in the
delivery of Ransomware onto your computer. This is malicious software
that infects your computer and then encrypts your local data and data on shared
rives where there is access. It then directs you to a web site extorting you
for money in order to supply the decryption key.
If you suspect you may have been infected with
any type of malware DO NOTHING other than contact the Service
Desk immediately by phone. We will marshal our Security & Risk
team alongside our Service Centre staff to rectify the situation.
Self-Service Password Reset
One of the simplest things you can do to help
protect yourself is to register yourself for our Self-Service Password Reset
(SSPR) service. This will enable you to change your password yourself
using your mobile phone to receive a confirmation token.
You can register for SSPR at https://sspr.monash.edu/
No comments:
Post a Comment