Cybersecurity
For any Cyber Security issues or questions, please email cybersecurity@londonmet.ac.uk quoting your ticket reference number.
Boxphish cybersecurity training - new modules available!
Cyber crime and scamming is currently at an all time high. It is vital to the safety of both you and the University that we know how to spot such attacks.
To help with this, Cybersecurity training is available to all students as part of your studies. The training is provided by cybersecurity specialists Boxphish and comes in bitesize training modules that take about 5 minutes to complete. Each module focuses on a different cybersecurity risk area and the feedback we've received so far has been really positive:
"Immediately after completing the training, I reset my social media privacy settings, and intend to use different passwords for different accounts to prevent all my accounts from being logged into in a case of hacking."
"(I will) take cyber world more seriously…I didn’t think it was important until now."
You will find the Boxphish modules in your school weblearn organisation:
- AAD 'Cybersecurity Quiz' folder in AAD Academic Support Organisation on Weblearn
- SCDM School of Computing and Digital Media Weblearn organisation > Boxphish cybersecurity training > Cybersecurity awareness
- SHSC Weblearn organisation > Cyber Security Training
- SSSP School Weblearn organisation > Learning Materials folder
- GSBL Citizenship Weblearn (The London Met Passport) organisation
What is phishing?
Phishing is a type of online identity theft usually, claiming to be from an organisation that you may trust, that uses email and fraudulent websites to trick you into sharing your information such as credit card numbers, passwords, account data or other valuable information.
Spam is unwanted, junk email, typically sent to large numbers of people, for the purposes of advertising, phishing, spreading malware, etc.
How to spot phishing
Email fraud that targets university staff and students is on the rise. It is becoming increasingly sophisticated and hard to identify.
We have systems in place to limit how many fraudulent emails get through and to minimise the impact where possible. However, some emails will always get through, so it is vital that you remain alert to potential threats and take responsibility for the security of your University computing and email accounts.
Below are some tips for spotting phishing attempts and email scams.
- Be wary of emails that ask you to validate or verify your account.
- Phishing emails tend to be poorly written and may include spelling mistakes and odd formatting.
- Look out for emails that have a sense of urgency and imply you might lose access to your account or those with threatening tone and content.
- They may appear to be from someone you know or an official source at the University.
- Be wary of links in emails. Is the destination the same as the link you see? Try hovering over the link to check.
- The email starts with an unusual or generic greeting such as ‘Dear valued customer’.
- A fraudulent email may contain attachments, which could include .exe files.
- A request for personal information such as your username, password or student loan details. The University will never ask you for a username or password.
- Remember, if it seems too good to be true, it probably is.
What action should you take?
- Never respond to emails that ask for your password or other sensitive information.
- Never click on or open suspicious links or attachments.
- If you're taken to a login page or website, never attempt to log in or enter your personal information.
- If it appears to be from someone you know contact the original sender by telephone or create a new email to ask them if the email is genuine.
I think I have fallen for a phishing scam, what do I do?
If you or anyone you know falls for a phishing scam, you should:
- Report to your bank immediately if any bank details are involved
- Change your University account password using Password Manager
- Log a ticket in Freshservice
- Email cybersecurity@londonmet.ac.uk quoting your ticket reference number.
- Follow our advice to protect your account:
Cybersecurity Hub
In the case of a major cyber incident, the university's web pages and systems may be not be accessible. Staff and students can now visit our externally hosted CyberSecurity Hub in this instance, where up to date information will be shared. Please save the url in your favourites for reference in case of any emergency.
Top Tips for Staying Safe
As part of Cybersecurity Awareness Week we spoke to researchers from London Met's Cyber Security Research Centre and asked them to provide expert advice for students and staff around cybersecurity.