Here below is the latest sample of the phishing email:
ITU Security Reminder
1. Fake Email attack for phishing personal information
Please be reminded NOT to respond or reply to any suspicious emails that ask you to fill in a web form with username and password for any reason.
Most of the phishing emails have the following similarities:
a. Sender is similar to our official ITU Helpdesk account (such as IT support)
b. Ask users to access an unknown web link outside our official web services
c. Ask users to access an attachment (e.g. a document in PDF file)
d. Ask users to provide personal information (e.g., username and password)
e. The internet address of the web form is not secure (i.e., http:\\ instead of https :\\)
Please be reminded that OUHK will NEVER
collect your username, password and/or any “CONFIDENTIAL” personal information via email. You are encouraged to report suspicious email to our ITU Helpdesk (Ext. 6523).
2. Security Tips
We would also like to share some security tips with you:
a. Do not disclose your own password to anybody
b. Change your password regularly
c. Report any fake or fraudulent email or activities
d. Keep your USB storage device with you
e. Use encrypted USB storage device to prevent any loss of information.
f. Use secure email option (by selecting “Confidential” under the sensitivity options in Microsoft Outlook) for any out-going email which contains personal confidential information
g. Use the encryption tools provided by the University to encrypt your data
h. Use the SharePoint Services to store your data
Information Technology Unit