Cyber security alert: bogus Griffith library emails

There has recently been a spate of fake library system notices sent to Griffith University staff and students which attempt to steal your username and password and potentially other personal information.

While there are a few variations of the email, most have the Subject: ‘Library Notifications’ and have a falsified From: address of ‘libraries@griffith.edu.au’.

The body of the email contains a claim that your library account access will expire soon due to ‘security precautions established to protect the University Libraries System’. It will tell you that you need to ‘renew your library account on a regular basis’ and to click on the given link.

Clicking on the link takes you to a malicious website, crafted to look exactly like Griffith’s Single Sign-On (SSO) Login page. This site is able to steal any username and passwords entered.

If you believe that you may have entered your login details on the fake login page, please change your Griffith password immediately.

Here are some tips on spotting bogus emails:

  • Does the address of the sender seem real?  Quite often phishing emails have a real looking name but the email address itself is a free email service rather than a Griffith address.
  • Is the email full of errors? While we all make the occasional spelling and grammatical errors, bogus emails tend to have a lot of errors in only a few sentences.
  • Does the email demand you click on a link and login to something immediately, otherwise you’ll lose access? They’re deliberately worded to make you curious or worried so you click on the link without thinking twice.
  • Is the email from a completely unexpected source? If you’ve not entered a lottery or competition, you cannot have won.

Please forward any suspicious emails to the Information Security team.


Take care of your valuables

Photo of valuable items

Our libraries may be the home of lost property on campus, but don’t let that lull you into a false sense of security and think that your valuables are safe being left unattended in the library.

Unfortunately (or luckily for you – whichever way you choose to look at it), we’re not Big Brother and don’t have cameras monitoring every crevice of our libraries.

So, as part of #adulting, you’ve got to ensure you take care of your valuables. Keep an eye on them, make sure they’re safe, and follow our tips below:

Never leave your valuable items unattended
If you need to take a break or grab some study snacks, get a friend to watch your valuables. Or if you are Nigel No-friends for the day – bring your gear with you. Think of how devastated you’ll be if a thief swipes your laptop and mobile phone. No more Netflix (and chill).

Never lend anyone your ID card
Your ID card gives you access to some pretty cool stuff. You can borrow books from the library, print and copy on campus, and get access to buildings and computer labs. But it can go pear-shaped pretty quickly if you let others use your card. If they don’t return the book or laptop, that fine is on you.

Ensure your personal computer is secure
Is your whole student life on your computer? Take steps to ensure you are safe online; we don’t want you losing all that work! Protect your passwords, backup your work and install an antivirus program.

If you see any suspicious persons or activity in your area, call security:

  • Nathan & Mt Gravatt: 3735 7777
  • South Bank: 3735 6226
  • Logan: 3382 1717
  • Gold Coast: 5552 7777

For more information, visit the security web page.


How to secure your virtual world

Photo of keys in door

When you think of your valuable items you generally think of your home, right? There’s your 50” flat screen television, Xbox gaming console (with many, many awesome games), and that bottle of Moet you received for Christmas.

But what about the valuable information you have online? Now, more than ever, we are storing an abundance of valuable information on our digital devices – if not in the cloud.

If you aren’t mindful of your online security, sensitive documents, your identity and even your hard earned cash could be taken from you. So, just as you would lock the door to your home, you should protect your online information as well.

The Griffith University IT Security webpage has some great advice about how to stay safe and secure online. Here are a few safety tips to get you started:

Install anti-virus software
Did you know Griffith University Students get 50% off selected Norton security products? Now if you’re using one of our computers or laptops, don’t worry, they all have Norton anti-virus installed  (‘cause we’ve got your back).

Avoid peer-to-peer (P2P) networks
According to Lifewire, ‘when you download files from other peers on the BitTorrent, eMule, or other P2P network you don’t know for sure that the file is what it says it is. You might think you are downloading a great new utility, but when you double-click the EXE file how can you be sure that you haven’t also installed a Trojan or backdoor in your computer allowing an attacker to access it at will?’

Make sure you create a strong password
Not sure where to start? Check out our handy tips for creating a password. And just so you know, ‘password’ is not a good password. In fact, it’s been reported in the press as one of the most common passwords used! Other common passwords include: qwerty, monkey, letmein, changeme, internet, iloveyou, jesus, jesussaves, 1q2w3e4r, 1qaz2wsx and of course swear words and nicknames for parts of the anatomy.

Never reply to emails asking you for personal information
Did you receive an email asking for your bank account details? Chances are pretty high that you didn’t win a fortune in a lottery you never entered or inherit millions from a rich uncle you never knew existed. So if you neglect to provide your bank details, you won’t miss out on anything – except trouble.

Never click on sites that seem questionable
There are billions of websites online. And while many of them are legit, there are also quite a few that are not. If the site’s description, title, or URL seems dodgy to you, don’t click on it. Otherwise you could pick up something nasty, like spyware, malware or a virus.


3 practical ways to keep your valuables safe

Photo of laptop on desk

It’s that time of year again – masses of assignments, exam prep and Netflix procrastination.

Now, our campus libraries provide popular and diverse study areas for you to do your thang. Whether you’re looking for a silent, quiet or social space – we’ve got you covered.

But before you bunker down we’d like to remind you to take a sensible approach to your personal belongings.

In your study daze, don’t forget to keep your valuables safe. Here are some handy pointers:

1. Never leave your valuable items unattended
If you need to take a break or grab some study snacks, get a friend to watch your valuables. Or if you are Nigel No-friends for the day – bring your gear with you. Think of how devastated you’ll be if a thief swipes your laptop and mobile phone. No more Netflix (and chill).

2. Never lend anyone your ID card
Your ID card gives you access to some pretty cool stuff. You can borrow books from the library, print and copy on campus, and get access to buildings and computer labs. But it can go pear-shaped pretty quickly if you let others use your card. If they don’t return the book or laptop, that fine is on you.

3. Ensure your personal computer is secure
Is your whole student-life on your computer? Take steps to ensure you are safe online; we don’t want you losing all that work! Protect your passwords, backup your work and install an antivirus program.

If you see any suspicious persons or activity in your area, call security:

  • Nathan & Mt Gravatt: 3735 7777
  • South Bank: 3735 6226
  • Logan: 3382 1717
  • Gold Coast: 5552 7777

For more information, visit the security web page.


Protect your digital life on your mobile device

wb-it-security-mobile-grey

When you lend your mobile device, did you know you’re also sharing your internet account, email and Facebook?

And do really want to give your study buddy access to your Facebook account? They’ll just post cringe-worthy selfies from your camera roll or startling revelations about your embarrassing celebrity crush (which is obvs completely false).

Or even worse. They could use up all your internet data to watch cats being funny on YouTube. Which is fine, but only if you got to see the furry feline shenanigans as well.

How does this happen? Well, you’re connected to the Griffith Wi-Fi on your mobile device, right? You’ll notice that once you’ve signed in, you are never asked to sign in again. It’s just so convenient to have it connect automatically when you’re on campus.

But it also means that when you share your mobile phone, tablet or laptop with your classmate, all their internet use will be billed and logged against you!

And don’t forget, you’re probably logged into all your social media and email accounts as well.

Which means they can not only post to your Facebook (as you), but also to Snapchat, Instagram and Twitter. And just for kicks, they could swipe right for all of Tinder.

Now, your friends and classmates are probably too responsible to be irresponsible with your digital life. They would never prank post on your social media, use all your internet data, or mess with your email.

But if they do. Just remember, we told you so.

For advice on how to stay safe online, visit the Griffith University IT Security web page.


5 of the worst computer viruses ever

Have you ever had a computer virus? They aren’t very nice.

They can break your computer, delete your files or steal your personal information. And you can inadvertently infect your friends and family with the virus (well, not them directly, their computer).

Michael Aranda takes us through the 5 of the worst computer viruses ever in a YouTube video by SciShow. Remember the Melissa Virus? What about the not-so-lovely I love You Virus? They both make the cut.

Watch the video to see how quickly they spread, how many people they affected and the amount of damage they did.

How can you avoid getting a virus? Michael recommends that you:

  • Install an antivirus program
  • Don’t click on suspicious links or emails from Nigerian princes
  • Keep your computer operating system and programs updated with the latest security patches

Installing an antivirus program doesn’t have to cost a fortune. Actually, it doesn’t have to cost you anything at all. All Griffith students can access Symantec Endpoint Protection on their device for FREE.

Symantec Endpoint Protection is a leading antivirus and security solution for desktop devices. It is designed to ‘protect against advanced threats with powerful, layered protection backed by industry-leading security intelligence’. See the Symantec website for system requirements.

You can access Symantec Endpoint Protection via the Software Download Service (SDS) on your Griffith University Google Drive account. Head to the Software Services website for handy instructions on accessing home use software.


Stop your iPhone from being hacked

iphone

Download the latest security patch released by Apple! On Thursday, Apple released an urgent update to its operating system due to a malware attack.

Apple issued a global update to their iOS software after a sophisticated piece of malware was found to be able to compromise any iPhone in the world.

The malware gives attackers the ability to steal information from your phone, intercept calls and SMS, view emails, contacts and other applications.After confirming the vulnerability, Apple developed a patch that is deployed with its latest iOS update (9.3.5)

After confirming the vulnerability, Apple developed a patch that is deployed with its latest iOS update (9.3.5), and are advising people to download this fix immediately.

For instructions on how to update your iOS device, please refer to the Apple website.