RSS Feed
News
Jun
23
Information Systems Services - Security Notice
Posted by [ISS] Niall Spollen on 23 June 2017 03:37 PM

ISS Security Notice:

 
To keep your software updated and the DCU network/connected devices safe from malicious viruses please shutdown your PC at the end of the working day. If you have any concerns or queries please log a ticket with our servicedesk or call ext. 5007.


Read more »



Jun
23
How to spot a Phishing eMail.
Posted by [ISS] Niall Spollen on 23 June 2017 03:33 PM

Phishing emails come in all shapes and sizes, but fortunately, there are some "tells" you can look for to help spot potential scams.

 

1. It just doesn't look right. ls there something a little off with the emails? Too good to be true? Trust your instincts if they tell you to be suspicious.

2. Generic salutations. Instead of directly addressing you, phishing emails often use generic salutations like "Dear Customer." Using impersonal salutations saves the cyber criminals time so they can maximise their number of potential victims.

3. Links to official-looking sites asking you to enter sensitive data. These spoofed sites are often very convincing, so before revealing personal information or confidential data examine the site to make sure it's real.

4. Unexpected emails that use specific information about you. Information like job title, previous employment, or personal interests can be gleaned from social networking sites like LinkedIn and then used to make a phishing email more convincing. 

5. Unnerving phrases. Thieves often use phrases meant to scare you (such as saying your account has been breached) to trick you into acting without thinking, and in doing so revealing information you ordinarily would not.

6. Poor grammar or spelling. This is often a dead giveaway. An unusual syntax is also a sign that something is wrong.

7. A sense of urgency. For example: "If you don't respond within 12 hours, your account will be closed." By convincing you the clock is ticking, thieves hope you'll make a mistake.

8. "You've won the grand prize!" These phishing emails are common but easy to spot. A similar, trickier variation is asking you to complete a survey (thus giving up your personal information) in return for a prize.

9. "Verify your account." These messages spoof real emails asking you to verify your account with a site or organisation. Always question why you're being asked to verify - there's a good chance it's a scam.

10. Cybersquatting. Often cyber criminals will purchase and "squat" on website names that are similar to an official website in the hopes that users go to the wrong site, such as www.google.com vs. www.gOOgle.com. Always take a moment to check out the URL before entering your personal information.

 

An example of a Phishing eMail from a bank to a DCU eMail a/c 


Read more »



May
4
Information on Phishing eMails
Posted by [ISS] Niall Spollen on 04 May 2017 12:50 PM

What is a Phishing eMail?

A phishing email tries to trick you into revealing personal information by appearing to be from a legitimate source. If you receive a suspicious message, do not provide the information requested. Please be advised that DCU will never ask you for your log in details by email.

We've included some tips to help you recognise phishing and keep your personal details secure.

Think before you click.

Pay close attention to sign-in screens.

Cyber criminals can use links in emails, tweets, posts and online advertisements to direct you to fake sign-in screens, where they can steal your password. Only sign in to your account when you are certain you visited the real site directly. Check the Internet address to be sure.

How can I recognise phishing?

You should always be wary of any message that asks for your personal information or messages that refer you to a web page asking for personal information. If you receive this type of message, especially from a source claiming to be DCU, please don't provide the information requested. DCU will never send unsolicited messages asking for your password or personal information, or messages containing executable attachments.

Messages or websites phishing for information might ask you to enter:

  • Usernames and passwords
  • PPS numbers
  • Bank account numbers
  • PINs (Personal Identification Numbers)
  • Full credit card numbers
  • Your mother’s maiden name
  • Your birthday

What should I do when I see a phishing scam?

Most importantly, never reply to suspicious emails, tweets, or posts with your personal or financial information. Also, don’t fill out forms or sign-in screens that link from these messages.

Most email providers, including DCU Apps, allow you to report suspicious emails and phishing scams. To report phishing in DCU Apps, click the drop-down arrow next to “Reply” and select “Report phishing.”


 Select the blue button on the bottom; Report Phishing Message to finish the process.
 

 
I provided my personal details in response to a phishing email, what should I do?
 
In this case please contact ISS and we can advise on the best course of action.

 


Read more »



Feb
11
Information on malware known as Ransomware.
Posted by [ISS] Niall Spollen on 11 February 2016 05:58 PM

What is Ransomware?

Ransomware is a Malware/Virus that stops you from using your PC. It holds your PC or files for ransom.

What does it look like and how does it work?

There are different types of ransomware, however all of them will prevent you from using your PC normally, and they will all ask you to do something before you can use your PC.

They can:

  •        Prevent you from accessing Windows.
  •        Encrypt files so you can't use them.
  •        Stop certain apps from running (like your web browser).

They will demand that you do something to get access to your PC or files.

  •        Demand you pay money.
  •        Make you complete surveys.
  •        Often the ransomware will claim you have done something illegal with your PC, and that you are being fined by a police force or government agency.
  •        These claims are false. It is a scare tactic designed to make you pay the money without telling anyone who might be able to restore your PC.
  •        There is no guarantee that paying the fine or doing what the ransomware tells you will give access to your PC or files again.

The recent WannaCry Ransomware screen:

There are three types of ransomware that are been reported:

  1. File Encryptor - Encrypts personal files/folders (e.g., the contents of your My Documents folder - documents, spreadsheets, pictures, videos).  Files are deleted once they are encrypted and generally there is a text file in the same folder as the now-inaccessible files with instructions for payment.  You may see a lock screen but not all variants show one.  Instead, you may only notice a problem when you attempt to open your files. 
  2. WinLocker - Locks the screen (presents a full-screen image that blocks all other windows) and demands payment. No personal files are encrypted. 
  3. MBR Ransomware - The Master Boot Record (MBR) is a section of the computer’s hard drive that allows the operating system to boot up. MBR ransomware changes the computer’s MBR so the normal boot process is interrupted and a ransom demand is displayed on screen instead.

Which operating systems are susceptible to this type of attack?

As with a lot of malware, the majority of ransomware is targeted at the Microsoft Windows operating system.

Advice

  •       Avoid opening any attachment emailed to you that you were not expecting or can not be verified from a known source.
  •       Watch out for emails with attachments suggesting you must reply quickly or 'act fast' and hence, feel compelled to open the attachment quickly - without considering the source.
  •       It’s essential to check the content of the messages you receive by email. As well as the content of emails, their attachments have become a very common method for propagating malware, which is one of the main means of infection by ransomware. For this reason, practices like checking the sender of a      message, taking care of offers that sound just too tempting to resist, checking that it is really an email that has been sent, and not clicking on suspicious links are basic measures to take in order to avoid falling victim to tricks that might result in infection.
  •       For the record, we are Information Systems Services (ISS) and any communication from us should be personally signed – if in doubt, look up the sender from the DCU phone directory: http://www.dcu.ie/info/staff.shtml

What to do if  you think you may be infected

If you think that you may have been infected please contact Information Systems Services (ISS) immediately: iss.servicedesk.dcu.ie or call ISS on (01) 700 5007


Read more »



Dec
15
Advice on purchasing WIFI devices.
Posted by [ISS] Niall Spollen on 15 December 2015 09:14 AM

ISS provide a WiFi network in DCU to provide connectivity for phones, tablets and laptops - what you may not know is that not all WiFi devices you purchase to use with this network are created equal! 

This applies not just in DCU, but on any modern WiFi network. The important thing to remember is that WiFi devices should be capable of using the 5GHz band. These devices can be identified by support for the standards 802.11a and/or 802.11ac.


As ISS refresh the wireless network across all university campuses, we will be adding additional capabilities that will only be available on the 5GHz spectrum. 

ISS strongly recommend that any devices you purchase support this standard. All devices purchased through the DCU laptop procurement process are dual-band capable. You may find that cheaper devices do not support 5GHz. 

The money saved in purchasing one of these devices is false economy. You may have to replace the device or add on an external USB WiFi dongle which is 5GHz capable in order to avail of future capabilities.


Read more »



Dec
11
Microsoft Office 365 FREE for all DCU students.
Posted by [ISS] Niall Spollen on 11 December 2015 11:19 AM

 

Microsoft Office 365 is now available to all current Dublin City Students free of charge.

sdth

This automatically updatable, subscription free based software ensures that DCU students always have the latest version of Word, Excel, PowerPoint and more for as long as they’re a student at Dublin City University.

Visit www.dcu.ie/office365 for information on how to install Office 365 for FREE on up to 5 different devices.


Read more »