Helping keep you and your work safe online
It's more important than ever to be aware of suspicious activity online - especially those which specifically seek to target students. Many fraudsters target students for financial gain, however other motivations include cyber bullying, harvesting of personal data, intellectual property theft and copyright avoidance.If you’re worried your UAL email account has been breached and need advice, call the UAL IT Service Desk on (+44) 020 7514 9898. Support is available 24/7, 365 days a year. If you're concerned that you have been a victim of cyber-crime in any other way, visit Action Fraud for further advice and information.
Our Information Security team works hard to protect students from hackers and fraudsters, with strong security features in place to help prevent such attacks. However, we all have a role to play. Check out the advice below for simple ways to stay vigilant and help keep both your studies and personal lives safe.
Email spam and phishing
- If you don’t recognise the sender, check their full email address. This is usually found in brackets with the @ symbol next to their display email address
- If you do recognise the sender but are concerned it’s not them, contact that person separately to check it really was them who emailed you
- Many fraudulent emails often contain poor grammar or strange phrases – be vigilant, especially if the email claims to be from a professional company
- Most email providers have a junk mail feature. Report any suspicious emails in your UAL email account by right-clicking the email and sending it to the Junk folder. Make sure you delete it from both your inbox and the Empty Deleted Items folder
- Use HaveIBeenPwned? to check if your account has been involved in a data breach. If your email address is listed as breached, change your password immediately for the website(s) it lists. It’s best to use different passwords on different websites; if you're using that same password on more than one site, change it for all
Fraudsters posing as artwork buyers
There’s been an increase in fraudsters posing as potential artwork buyers/dealers as a way of defrauding students. For example, you may receive an email stating that they’ve seen your work online but asking that you pay selling or shipping costs upfront. This method is particularly common around the end of year show period
- Check the sender’s full email address – does it sound genuine?
- Never part with money if you are selling an item
- Look at the context fully. Where did they see your artwork advertised? Have they approached you on a secure selling platform?
The below image shows a typical example of a scam email:
The email reads:
"Greetings! My name is XXX from United Kingdom from United Kingdom. I actually observed my wife has been viewing your website on my laptop and i guess she likes your piece of work. I'm also impressed and amazed to have seen your various works too, You are doing a great job. I would like to purchase one of your artwork available at range of £100 to £1,500 and ready for sale as a surprise to my wife on our anniversary. Also, my method of payment is Bank Cheque as mode of Payment. Thanks and best regards. XXX!!!"
Make sure you’re using a strong password and it meets the below requirements:
- More than 8 characters
- A combination of letters, numbers, special characters and/or a pass-phrase
- Use different passwords for different websites
- Don’t use your UAL password for a non-UAL site
- Keep your computer anti-virus software up to date and run regular scans
- University IT Services may email you if our Office 365 system has detected that your device may be infected. If you receive this, make sure you scan your device with anti-virus as soon as possible
- Make sure that you apply approved security updates when they become available for your phone and computer. Software companies often release updates to guard against new threats
Working in public
- If using public Wi-Fi on your personal device, use a Virtual Private Network (VPN) service to prevent people eavesdropping on your data
- Be aware of others possibly looking at your screen without you realising
Mobile & USB devices
- Avoid using USB devices wherever possible; if you do need to use one, do not plug it into a UAL device if it’s not from a trusted source
- Password protect and encrypt your mobile devices
- Hackers can use info you share on social channels to impersonate or ‘profile’ you online. Take care not to share information that could compromise you such as your address or bank card details
- Be aware of bots. Fake accounts can be set up as a way of contacting you on social channels via direct messages