- Written byUAL Communications
- Published date 11 November 2022
Helping to keep you and your work safe online
It is more important than ever to be aware of suspicious activity online. Many fraudsters target students for financial gain, however other motivations include cyber bullying, harvesting of personal data, intellectual property theft and copyright avoidance.
Worried your UAL email account has been breached and need advice? Report it using the Security Incident reporting form or call the UAL IT Service Desk on (+44) 020 7514 9898. Support is available 24/7, 365 days a year.
If you're concerned that you have been a victim of cyber-crime in any other way, visit Action Fraud.
Check out the advice below for ways to stay safe.
Phishing emails are a common way that cybercriminals gain access to systems. The goal of a phishing email is to trick the recipient into believing it has been sent by a legitimate source so that they will share sensitive data or information like passwords, usernames, credit card or bank account details, and more.
Cybercriminals may also email employees within a company pretending to be a colleague who has lost access to their email or bank account or needs an urgent credit card payment.
Spot fraudulent emails
- If you don’t recognise the sender, check their full email address. This is usually found in brackets with the @ symbol next to their display email address
- If you do recognise the sender but are concerned it’s not them, contact that person separately to check it really was them who emailed you
- Many fraudulent emails contain poor grammar or strange phrases – be vigilant, especially if the email claims to be from a professional company.
- Messages from spam senders will often aim to create a sense of urgency.
- Report suspicious emails in your UAL email account by right-clicking the email and sending it to the Junk folder. Make sure you delete it from both your inbox and the Empty Deleted Items folder
- Use HaveIBeenPwned? to check if your account has been involved in a data breach. If your email address is listed as breached, change your password immediately for the website(s) it lists. It’s best to use different passwords on different websites; if you're using that same password on more than one site, change it for all
Beware of scams
Scammers constantly come up with new way to con students into parting with their information or money. Examples include demands for upfront payments for fake products such as yearbooks, or scams which claim you are entitled to financial support, a council tax rebate or owe money.
- Take a moment to think before parting with your information or money.
- Don’t give out private information
- Don’t reply to text messages with personal or sensitive information
- Don’t download attachments or click on links in texts or emails you weren’t expecting.
- It’s ok to reject, refuse or ignore any requests - only criminals will try to rush or panic you.
Fraudsters posing as artwork buyers
Some scammers pose as potential artwork buyers or dealers. For example, you may receive an email stating that they’ve seen your work online but asking that you pay selling or shipping costs upfront. This method is common during end of year shows.
- Check the sender’s full email address – does it sound genuine?
- Never part with money if you are selling an item
- Look at the context. Where did they see your artwork advertised? Have they approached you on a secure selling platform?
The below image shows an example of a scam email:
Pay your fees safely
You must make all direct tuition fee payments through the UAL Portal using our payment processing partner called Flywire. Using Flywire allows you to make safe and secure payments while safeguarding your payment details.
Make sure you’re using a strong password and it meets the below requirements:
- More than 8 characters
- A combination of letters, numbers, special characters and/or a pass-phrase
- Use different passwords for different websites
- Don’t use your UAL password for a non-UAL site
- If available, use biometric authentication such as Touch ID or Face ID
- If available, set up multi-factor authentication.
- Keep your computer anti-virus software up to date and run regular scans.
- Update your devices regularly. Apply approved security updates when they become available for your phone and computer. Software companies often release updates to guard against new threats
- University IT Services may email you if we detected that your device may be infected. If you receive this, make sure you scan your device with anti-virus as soon as possible
Working in public
- Never leave your devices unattended.
- Mobile hot spots are more secure than using public Wi-Fi.
- When connecting to public Wi-Fi, check a member of the staff that they provide free Wi-Fi and make sure to connect to the right one. Hackers can broadcast fake Wi-Fi by sitting nearby.
- Be careful sharing personal details like your email address or phone number when signing into public Wi-Fi. Only connect to Wi-Fi in places you trust, and consider using an alternative email address to your primary one.
- Be aware of others possibly looking at your screen without you realising and try to sit with your back to a wall if possible.
- Connect to the UAL VPN for a more secure Wi-Fi connection.
Mobile & USB devices
- Read our tips on protecting your valuables, including your phone.
- Avoid using USB devices wherever possible; if you do need to use one, do not plug it into a UAL device if it’s not from a trusted source.
- Password-protect and encrypt your mobile devices
- Hackers can use info you share on social channels to impersonate or ‘profile’ you online. Don’t share information that could compromise you such as your address or bank card details.
- Be aware of bots. Fake accounts can be set up as a way of contacting you on social channels via direct messages.
- Consider what you are sharing with who online and whether you should create separate accounts for your personal and professional lives.
- Get to know your privacy settings. There are lots of different settings available to make your social media more secure. These vary on different platforms.