ISS Security Notice:

 
To keep your software updated and the DCU network/connected devices safe from malicious viruses please shutdown your PC at the end of the working day. If you have any concerns or queries please log a ticket with our servicedesk or call ext. 5007.

Phishing emails come in all shapes and sizes, but fortunately, there are some "tells" you can look for to help spot potential scams.

1. It just doesn't look right. ls there something a little off with the emails? Too good to be true? Trust your instincts if they tell you to be suspicious.

2. Generic salutations. Instead of directly addressing you, phishing emails often use generic salutations like "Dear Customer." Using impersonal salutations saves the cyber criminals time so they can maximise their number of potential victims.

3. Links to official-looking sites asking you to enter sensitive data. These spoofed sites are often very convincing, so before revealing personal information or confidential data examine the site to make sure it's real.

4. Unexpected emails that use specific information about you. Information like job title, previous employment, or personal interests can be gleaned from social networking sites like LinkedIn and then used to make a phishing email more convincing. 

5. Unnerving phrases. Thieves often use phrases meant to scare you (such as saying your account has been breached) to trick you into acting without thinking, and in doing so revealing information you ordinarily would not.

6. Poor grammar or spelling. This is often a dead giveaway. An unusual syntax is also a sign that something is wrong.

7. A sense of urgency. For example: "If you don't respond within 12 hours, your account will be closed." By convincing you the clock is ticking, thieves hope you'll make a mistake.

8. "You've won the grand prize!" These phishing emails are common but easy to spot. A similar, trickier variation is asking you to complete a survey (thus giving up your personal information) in return for a prize.

9. "Verify your account." These messages spoof real emails asking you to verify your account with a site or organisation. Always question why you're being asked to verify - there's a good chance it's a scam.

10. Cybersquatting. Often cyber criminals will purchase and "squat" on website names that are similar to an official website in the hopes that users go to the wrong site, such as www.google.com vs. www.gOOgle.com. Always take a moment to check out the URL before entering your personal information.

What is Ransomware?

Ransomware is a Malware/Virus that stops you from using your PC. It holds your PC or files for ransom.

What does it look like and how does it work?

There are different types of ransomware, however all of them will prevent you from using your PC normally, and they will all ask you to do something before you can use your PC.

They can:

•        Prevent you from accessing Windows.
•        Encrypt files so you can't use them.
•        Stop certain apps from running (like your web browser).

They will demand that you do something to get access to your PC or files.

•        Demand you pay money.
•        Make you complete surveys.
•        Often the ransomware will claim you have done something illegal with your PC, and that you are being fined by a police force or government agency.
•        These claims are false. It is a scare tactic designed to make you pay the money without telling anyone who might be able to restore your PC.
•        There is no guarantee that paying the fine or doing what the ransomware tells you will give access to your PC or files again.

The recent WannaCry Ransomware screen:

There are three types of ransomware that are been reported:

1. File Encryptor - Encrypts personal files/folders (e.g., the contents of your My Documents folder - documents, spreadsheets, pictures, videos).  Files are deleted once they are encrypted and generally there is a text file in the same folder as the now-inaccessible files with instructions for payment.  You may see a lock screen but not all variants show one.  Instead, you may only notice a problem when you attempt to open your files. 
2. WinLocker - Locks the screen (presents a full-screen image that blocks all other windows) and demands payment. No personal files are encrypted. 
3. MBR Ransomware - The Master Boot Record (MBR) is a section of the computer’s hard drive that allows the operating system to boot up. MBR ransomware changes the computer’s MBR so the normal boot process is interrupted and a ransom demand is displayed on screen instead.

Which operating systems are susceptible to this type of attack?

As with a lot of malware, the majority of ransomware is targeted at the Microsoft Windows operating system.

Advice

•       Avoid opening any attachment emailed to you that you were not expecting or can not be verified from a known source.
•       Watch out for emails with attachments suggesting you must reply quickly or 'act fast' and hence, feel compelled to open the attachment quickly - without considering the source.
•       It’s essential to check the content of the messages you receive by email. As well as the content of emails, their attachments have become a very common method for propagating malware, which is one of the main means of infection by ransomware. For this reason, practices like checking the sender of a      message, taking care of offers that sound just too tempting to resist, checking that it is really an email that has been sent, and not clicking on suspicious links are basic measures to take in order to avoid falling victim to tricks that might result in infection.
•       For the record, we are Information Systems Services (ISS) and any communication from us should be personally signed – if in doubt, look up the sender from the DCU phone directory: http://www.dcu.ie/info/staff.shtml

What to do if  you think you may be infected

If you think that you may have been infected please contact Information Systems Services (ISS) immediately: iss.servicedesk.dcu.ie or call ISS on (01) 700 5007

ISS provide a WiFi network in DCU to provide connectivity for phones, tablets and laptops - what you may not know is that not all WiFi devices you purchase to use with this network are created equal! 

This applies not just in DCU, but on any modern WiFi network. The important thing to remember is that WiFi devices should be capable of using the 5GHz band. These devices can be identified by support for the standards 802.11a and/or 802.11ac.

As ISS refresh the wireless network across all university campuses, we will be adding additional capabilities that will only be available on the 5GHz spectrum. 

ISS strongly recommend that any devices you purchase support this standard. All devices purchased through the DCU laptop procurement process are dual-band capable. You may find that cheaper devices do not support 5GHz. 

The money saved in purchasing one of these devices is false economy. You may have to replace the device or add on an external USB WiFi dongle which is 5GHz capable in order to avail of future capabilities.

Microsoft Office 365 is now available to all current Dublin City Students free of charge.

This automatically updatable, subscription free based software ensures that DCU students always have the latest version of Word, Excel, PowerPoint and more for as long as they’re a student at Dublin City University.

Visit www.dcu.ie/office365 for information on how to install Office 365 for FREE on up to 5 different devices.