For any Cyber Security issues or questions, please email firstname.lastname@example.org quoting your ticket reference number.
Cybersecurity Awareness Week 20 to 24 March 2023
Increased awareness of cybersecurity amongst our students and staff is of vital importance to the University, as well as being an essential transferrable skill for employers.
Keep an eye out during the week for:
- Lunchtime stalls hosted by IT staff answering your questions:
- Monday 20 March, 12 to 2pm, The Junction (Holloway)
- Wednesday 22 March, 12 to 2pm, The Atrium (Aldgate)
- Lunchtime talks promoting cyber-health and wellbeing, including top tips for staying safe on-line (and a free lunch!):
- Tuesday 21 March, TM 1-41, Red Zone, Holloway campus
- Thursday 23 March, GSG-17b, Goulston Street, Aldgate campus
- A chance to win a chromebook by completing the additional Boxphish cybersecurity training modules that have been added for all students in Weblearn. Enter the prize draw to win. Winners will be notified via their London Met email address.
Read the expert comment piece by School of Computing and Digital Media academics if you missed it last time, it contains some great tips from leaders in the field.
Boxphish cybersecurity training - new modules now available to all students!
Cyber crime and scamming is currently at an all time high. It is vital to the safety of both you and the University that we know how to spot such attacks, and it's an important issue to employers too.
To help with this we are now providing Cybersecurity training to all students as part of your studies. The training is provided by cybersecurity specialists Boxphish and comes in bitesize training modules that take about 5 minutes to complete. Each module focuses on a different cybersecurity risk area and the feedback we've received so far has been really positive:
"Immediately after taking the training, I went to reset my social media privacy settings, and I intend to use different passwords for different accounts to prevent all my accounts from being logged into in a case of hacking."
"(I will) take cyber world more seriously…I didn’t think it was important until now."
You will find the Boxphish modules in your school weblearn organisation:
- AAD 'Cybersecurity Quiz' folder in AAD Academic Support Organisation on Weblearn
- SCDM School of Computing and Digital Media Weblearn organisation > Boxphish cybersecurity training > Cybersecurity awareness
- SHSC Weblearn organisation > Cyber Security Training
- SSSP School Weblearn organisation > Learning Materials folder
- GSBL Citizenship Weblearn (The London Met Passport) organisation
What is phishing?
Phishing is a type of online identity theft usually, claiming to be from an organisation that you may trust, that uses email and fraudulent websites to trick you into sharing your information such as credit card numbers, passwords, account data or other valuable information.
Spam is unwanted, junk email, typically sent to large numbers of people, for the purposes of advertising, phishing, spreading malware, etc.
How to spot phishing
Email fraud that targets university staff and students is on the rise. It is becoming increasingly sophisticated and hard to identify.
We have systems in place to limit how many fraudulent emails get through and to minimise the impact where possible. However, some emails will always get through, so it is vital that you remain alert to potential threats and take responsibility for the security of your University computing and email accounts.
Below are some tips for spotting phishing attempts and email scams.
- Be wary of emails that ask you to validate or verify your account.
- Phishing emails tend to be poorly written and may include spelling mistakes and odd formatting.
- Look out for emails that have a sense of urgency and imply you might lose access to your account or those with threatening tone and content.
- They may appear to be from someone you know or an official source at the University.
- Be wary of links in emails. Is the destination the same as the link you see? Try hovering over the link to check.
- The email starts with an unusual or generic greeting such as ‘Dear valued customer’.
- A fraudulent email may contain attachments, which could include .exe files.
- A request for personal information such as your username, password or student loan details. The University will never ask you for a username or password.
- Remember, if it seems too good to be true, it probably is.
What action should you take?
- Never respond to emails that ask for your password or other sensitive information.
- Never click on or open suspicious links or attachments.
- If you're taken to a login page or website, never attempt to log in or enter your personal information.
- If it appears to be from someone you know contact the original sender by telephone or create a new email to ask them if the email is genuine.
I think I have fallen for a phishing scam, what do I do?
If you or anyone you know falls for a phishing scam, you should:
- Report to your bank immediately if any bank details are involved
- Change your University account password using Password Manager
- Contact the IT Self Service Portal
- Email email@example.com quoting your ticket reference number.
- Follow our advice to protect your account: