Helping keep you and your work safe online
It's more important than ever to be aware of suspicious activity online. Many fraudsters target students for financial gain, however other motivations include cyber bullying, harvesting of personal data, intellectual property theft and copyright avoidance.
If you’re worried your UAL email account has been breached and need advice, call the UAL IT Service Desk on (+44) 020 7514 9898. Support is available 24/7, 365 days a year. If you're concerned that you have been a victim of cyber-crime in any other way, visit Action Fraud.
Check out the advice below for simple ways to stay safe.
Email spam and phishing
- If you don’t recognise the sender, check their full email address. This is usually found in brackets with the @ symbol next to their display email address
- If you do recognise the sender but are concerned it’s not them, contact that person separately to check it really was them who emailed you
- Many fraudulent emails often contain poor grammar or strange phrases – be vigilant, especially if the email claims to be from a professional company
- Most email providers have a junk mail feature. Report any suspicious emails in your UAL email account by right-clicking the email and sending it to the Junk folder. Make sure you delete it from both your inbox and the Empty Deleted Items folder
- Use HaveIBeenPwned? to check if your account has been involved in a data breach. If your email address is listed as breached, change your password immediately for the website(s) it lists. It’s best to use different passwords on different websites; if you're using that same password on more than one site, change it for all
Beware of scams
Scammers constantly come up with new tricks to con students into parting with their cash. One recent trend is the Uniyearbook scam, which demands upfront payment for a fake university yearbook. Others may claim you are entitled to financial support, a council tax rebate or owe money.
Top tips include:
- Take a moment to think before parting with your information or money.
- Don’t give out private information or reply to text messages.
- Don’t download attachments or click on links in texts or emails you weren’t expecting.
- It’s ok to reject, refuse or ignore any requests - only criminals will try to rush or panic you.
Fraudsters posing as artwork buyers
Some fraudsters pose as potential artwork buyers/dealers as a way of defrauding students. For example, you may receive an email stating that they’ve seen your work online but asking that you pay selling or shipping costs upfront. This method is particularly common around the end of year show period
- Check the sender’s full email address – does it sound genuine?
- Never part with money if you are selling an item
- Look at the context fully. Where did they see your artwork advertised? Have they approached you on a secure selling platform?
The below image shows a typical example of a scam email:
The email reads:
"Greetings! My name is XXX from United Kingdom from United Kingdom. I actually observed my wife has been viewing your website on my laptop and i guess she likes your piece of work. I'm also impressed and amazed to have seen your various works too, You are doing a great job. I would like to purchase one of your artwork available at range of £100 to £1,500 and ready for sale as a surprise to my wife on our anniversary. Also, my method of payment is Bank Cheque as mode of Payment. Thanks and best regards. XXX!!!"
Make sure you’re using a strong password and it meets the below requirements:
- More than 8 characters
- A combination of letters, numbers, special characters and/or a pass-phrase
- Use different passwords for different websites
- Don’t use your UAL password for a non-UAL site
- Keep your computer anti-virus software up to date and run regular scans
- University IT Services may email you if our Office 365 system has detected that your device may be infected. If you receive this, make sure you scan your device with anti-virus as soon as possible
- Make sure that you apply approved security updates when they become available for your phone and computer. Software companies often release updates to guard against new threats
Working in public
- If using public Wi-Fi on your personal device, use a Virtual Private Network (VPN) service to prevent people eavesdropping on your data
- Be aware of others possibly looking at your screen without you realising
Mobile & USB devices
- Avoid using USB devices wherever possible; if you do need to use one, do not plug it into a UAL device if it’s not from a trusted source
- Password protect and encrypt your mobile devices
- Hackers can use info you share on social channels to impersonate or ‘profile’ you online. Take care not to share information that could compromise you such as your address or bank card details
- Be aware of bots. Fake accounts can be set up as a way of contacting you on social channels via direct messages