UTServicesLISACyber safetyRecognizing incidents

Recognizing incidents

This website was set up to help you guard against security incidents. But what constitutes an incident? What do you see as a user, and what do you need to be aware of? This section of the website explains what security incidents are and how you can recognize them. You will also find information on actions to take to reduce the consequences of an incident and when to report an incident.

Infection 

The following signs indicate that an incident has occurred, and as a result that your device has become infected:

If one or more of the above signs occur, chances are that your device has become infected as a result of a security incident. Many infections are caused by phishing. If you are able to recognize a phishing attempt, you can avoid many problems yourself.

Phishing

Phishing is a form of fraud on the internet. You can recognize phishing emails by the following tricks:

Be aware, not all signs are present in a single email.

The university uses Microsoft Safe Links. They will redirect you through a Microsoft website to check for malicious websites. Some mail programs can show the real link before clicking on the Safe Link (by scrolling over it with your mouse or using a right-mouse click).

In addition to these signs, always use common sense when you receive an email. Scammers are becoming increasingly cunning and their emails are starting to resemble legitimate emails.

How to protect yourself 

  • Check the authenticity

    When in doubt about an email, contact the organization who sent you the message, to verify the authenticity of the message. Do not contact them using the information in the email (link/telephone number) but look for the organization’s website yourself and use the contact details you find there.

  • Report phishing

    The Outlook email client on managed workstations offers the possibility to report phishing messages automatically. You only need to click the Report Phish button.

    If you don't use Outlook you can report the phishing to CERT-UT.

  • What you should do if you were taken in by a phishing email

    Did you click on a link in a phishing email and did you enter information? Then do the following:

    • change important passwords;
    • block your debit or credit cards if you provided information about them;
    • notify CERT-UT that you received a phishing email and that you responded to it.

Phishing by phone or in person

Criminals not only use email to infect your computer and/or obtain your data, but they also attempt to do so by phone or in person. In this way, these scammers try to get you to visit fraudulent websites, install malicious software or obtain login credentials. You can recognize a phishing attempt by phone for example by a foreign phone number or the poor English spoken. Phishing attempts in person can be made in various cunning ways, for example, someone posing as a university staff member or student and requesting confidential information from you using a pretext.


Have you seen or experienced something that doesn't add up?
Report an incident