Information Security Reminder for Phishing Emails(30 Jan 2020)
You are reminded NOT to open or reply to any suspicious emails. If you have clicked the link/attachment and provided your information, please contact IT Helpdesk via email firstname.lastname@example.org
We would like to alert you the following phishing emails that some of you have recently received. Please delete it immediately.
This kind of phishing email is sent to you pretending to be from a staff of the OUHK (usually a senior staff or your supervisor). If there is a response, the sender will follow shot and see if there is a chance for cheating. Should you have any doubt, please check if the sender’s email address is correct (staff phone directory and/or confirm with the sender by other means like by phone or in person.
Here below is the latest sample of the phishing email:
ITU Security Reminder
1. Fake Email attack for phishing personal information
Please be reminded NOT to respond or reply to any suspicious emails that ask you to fill in a web form with username and password for any reason.
Most of the phishing emails have the following similarities:
a. Sender is similar to our official ITU Helpdesk account (such as IT support)
b. Ask users to access an unknown web link outside our official web services
c. Ask users to access an attachment (e.g. a document in PDF file)
d. Ask users to provide personal information (e.g., username and password)
e. The internet address of the web form is not secure (i.e., http:\\ instead of https :\\)
Please be reminded that OUHK will NEVER collect your username, password and/or any “CONFIDENTIAL” personal information via email. You are encouraged to report suspicious email to our ITU Helpdesk (Ext. 6523).
2. Security Tips
We would also like to share some security tips with you:
a. Do not disclose your own password to anybody
b. Change your password regularly
c. Report any fake or fraudulent email or activities
d. Keep your USB storage device with you
e. Use encrypted USB storage device to prevent any loss of information.
f. Use secure email option (by selecting “Confidential” under the sensitivity options in Microsoft Outlook) for any out-going email which contains personal confidential information
g. Use the encryption tools provided by the University to encrypt your data
h. Use the SharePoint Services to store your data
Information Technology Unit