IT Security Alerts & Announcements
To maintain a safe and secure online environment, and to protect users of the University's IT facilities, Information Strategy & Technology Services (ISTS) regularly post alerts and announcements to warn and educate users about IT security issues.
Please be vigilant when accessing links sent to you via email, and do not enter your university credentials into any page you reach by selecting an email link unless you are certain the email is legitimate and from a trusted source.
If you have concerns about the validity of any email you receive, you should always contact the IT Help Desk (extension 25000).
Further information about phishing attacks and online security is available from the Unsolicited & Malicious Emails page.
Please see below for copies of recent phishing emails sent to some University mailboxes. If you have already clicked the link in any of these messages and entered your username and password, follow the recommendations for dealing with phishing emails.
Recently Reported Phishing Examples
October 2016 - Login Security
This article discusses a few simple steps to improve the security of your University login.
The University login provides staff with access to many resources required to perform their work tasks such as email, Internet access, staff portal, file sharing, etc. For some staff this login also gives access to confidential information relating to University administrative processes.
In order to improve the security of your account:
• Use passwords that are not found in a dictionary and contain a mix of letters and numbers. Do not use passwords based on information that others may know or can easily discover such as car registration, phone numbers, names and addresses.
• Do not allow applications or web browsers to save or remember your password.
• Your account is for your own use only. Do not share your password with anyone.
• Ensure that your workstation is not left logged in and unattended. Either log out of the workstation or lock it so that your password needs to be entered to unlock it. Windows workstations can be locked by holding down the CTRL, ALT and DELETE keys then selecting “Lock this computer” from the menu presented, or by holding down the Windows logo key and pressing the L key.
• Choose a different password to your UniSA password when accessing third party web services (personal email, social media). For work related subscriptions where you need to use your UniSA email address you should also use a password that is not the same as your UniSA password.
You can find more security information at the IT Security website.
September 2016 - Email Security
UniSA, along with other Australian universities, is seeing a large number of malicious emails being sent to staff mailboxes. These messages are intended to trick you into opening an attached file or clicking an included link in order to compromise your computer, lock your files for ransom and steal your logon credentials.
Recent malicious messages have been disguised as:
• Warnings about changes to the university email system or storage that require an immediate action or response.
• Scanned documents sent from university printers.
• Australia Post package collection and tracking notifications.
• Invoices for services and goods.
If you receive an unexpected email with an attached document or included link then the best course of action is to not open the attached document and not click the link.
To make it easier to recognise suspicious email, ISTS have published examples with information and pointers that show the email is not legitimate. This information is available here: http://w3.unisa.edu.au/ists/new/all/email/nuisance-emails.htm.
ISTS also publish alerts regarding current suspicious email activity at this site: http://w3.unisa.edu.au/ists/new/all/it-help-desk/alerts-announcements.htm.
To protect yourself against fraudulent activity:
• do not enter your UniSA username and password into an external website or use your UniSA email address and password for non-university accounts
• do not reply to an email requesting your username and password. UniSA will never request your username and password via email
• do not click on any links or open any attachments contained within a suspicious email.
Call the IT Help Desk to check or report any suspicious email.
August 2016 - Social Engineering Attacks
Social engineering attacks are designed to convince you to perform actions that result in the release of sensitive data such as UniSA login credentials, bank account details or other personal and confidential information.
As UniSA staff are often subjected to these types of attack, this list of common social engineering techniques is provided to increase your awareness and help you to avoid being tricked:
• A phone call or face to face contact is made by someone claiming to be a staff member or student requesting their own personal information or changes to their passwords and contact information. Staff should follow established procedures for releasing or changing credentials and contact information.
• The most prevalent social engineering method seen at UniSA is the attempt to trick a large number of staff into revealing information or taking action through emails that claim to be from the IT unit, Helpdesk or external organisations (banks, energy providers and social media). Users are urged to open attachments or click on links that lead to a compromise of the user’s workstation or UniSA credentials. Staff should not open attachments or click on links in unsolicited email.
• Targeted emails are sent to specific staff members who have privileged roles in an organisation. These are usually crafted to appear to be from senior staff or colleagues and often request confidential information or actions to be undertaken such as the transfer of funds, copy of exam papers, password changes, etc. Staff should follow established procedures for authorising changes and transactions or releasing information.
• USB drives are dropped for employees to find or are handed in as found. This technique relies on people plugging the item into their workstation to see if they can identify the owner and in the process infecting the workstation. Staff should not attach unknown devices to their workstation.
If you think you have been subjected to any of these attempts please report them to and seek advice from the IT Help Desk.
Further security information is available from this UniSA link: http://w3.unisa.edu.au/ists/new/staff/passwords-access-security/protect.htm.
July 2016 - Hoax Parking Infringement Notices
Many people received hoax parking notices overnight like the one below depicted as a graphic. These are fake as is indicated by the .cz “From” address (indicating Czechoslovakia). Do not click on the link.
FMU and our on-campus parking service provider do not issue electronic infringements or follow up any infringement electronically. If you get a message like the one below, please delete it.
June 2016 - IT Security Warning - Crypto Virus
UniSA and several other Australian universities have recently experienced a number of ‘Ransomware’ or ‘Crypto Virus’ infections via attachments and links in emails.
Ransomware is malicious software that encrypts all files stored on a computer and connected share drives. Once the files are encrypted the infected computer displays a notice requesting payment to obtain the key required to decrypt the files and regain access to the data in them.
The University has systems in place to detect and block this type of malware; however, as this malicious software is constantly changing, it is important that you follow good security practice by:
• not opening attachments included in unsolicited or suspicious emails.
• not clicking on links in unsolicited or suspicious emails and social media posts.
• storing important data in appropriate locations should the need arise to recover it.
If you have any concerns as to whether an email message, attachment or link is authentic please always err on the side of caution and forward the suspect message to the IT Help Desk.
If you suspect your computer is infected you should immediately turn it off and contact your local IT support group or the IT Help Desk.
For further information about how you can protect against malicious online activity please refer to Protecting Yourself, Your Devices and Your Data.
To all UniSA Staff,
Two staff members were fooled into opening an attachment in a fake message purporting to be from Australia Post today and even though it claims to be a document and delivery notification, it was a virus which proceeds to encrypt your data files, including those of file shares and Dropbox-type accounts you are connected to.
It leaves ransom notes in every folder where it encrypts files.
Even if you think the message might possibly refer to a parcel you are expecting from Australia Post, it is unlikely they have linked your UniSA email to the delivery and I have never seen a legitimate email from Australia Post about a delivery. They would normally leave a physical piece of paper at the delivery address.
Do not open attachments unless you are sure that you know the person and were expecting the content. Do not open attachments from companies, unless you have just initiated a transaction on a legitimate web site which informed you that it would send you an email (e.g. signing up to some web sites using your email address).
The virus detection software can detect the ransom notes but the virus itself keeps changing such that the new versions are not immediately detected. If we detect that a ransom note is found on your local disk, we may temporarily disable your account so that we can mitigate the damage such a virus can do to files you share with your colleagues. This would of course cut off all access to email, SharePoint and file shares while we find the infected computer and disconnect it.
Please be extremely cautious about any attachment sent to you. A quick way (but not foolproof) is to check if the sender address appears to be OK, so hit reply and examine where the reply goes (but DO NOT SEND THE REPLY – just cancel it). If it is going to a GMAIL, HOTMAIL or some other account that is not associated with the alleged company, delete the message.
March 2016 - Mobile Security
Mobile computing devices such as smartphones, tablets and laptops can hold a large amount of data and can also be easily lost or stolen, therefore it is important that you take steps to protect these devices from unauthorised access.
To prevent confidential information being lost or disclosed please follow these guidelines (you may need to consult your device’s instruction manual to implement some of these features):
• Keep the device physically secured so it is not lost or stolen. Never leave devices unattended in a car, an open office, airport or other public places.
• If your University mobile device is lost or stolen you must report this to the IT Help Desk immediately.
• Ensure that your device requires a password to gain access. If the device is lost or stolen this will make it more difficult for the finder to access your private data or log on to websites using saved credentials (if you use the browser's "remember password" feature).
• Regularly check for and install operating system software updates. These usually fix vulnerabilities that could allow someone to circumvent security settings on the device.
• Turn off Bluetooth and wireless networking if they are not required. This not only helps secure your device but also improves battery life.
Further information is available from the UniSA site Protecting Yourself, Your Devices and Your Data or the Australian government's Stay Smart Online site.
Staff should be aware that their use of University IT resources is covered by the UniSA Acceptable Use Policy.