Information Security Reminder for Phishing Email(15 December 2021)

Information Technology Office Information Security Reminder for Phishing Email(15 December 2021)

Information Security Reminder for Phishing Email(15 December 2021)

You are reminded NOT to open or reply to any suspicious emails. If you have clicked the link/attachment and provided your information, please contact IT Helpdesk via email itohelp@hkmu.edu.hk.
 
We would like to alert you the following phishing emails that some of you have recently received. Please delete it immediately.
 
This kind of phishing email is sent to you pretending to be from a staff of the HKMU (usually a senior staff or your supervisor). If there is a response, the sender will follow shot and see if there is a chance for cheating. Should you have any doubt, please check if the sender's email address is correct (staff phone directory and/or confirm with the sender by other means like by phone or in person.
 
Samples:

IT Security Reminder

1.    Fake Email attack for phishing personal information

Please be reminded NOT to reply to any suspicious emails that ask you to fill in a web form with username and password for any reason.

Most of the phishing emails have the following similarities:
a.    Sender is similar to our official IT Helpdesk account (such as IT support)
b.    Ask users to access an unknown web link outside our official web services
c.    Ask users to access an attachment (e.g. a document in PDF file)
d.    Ask users to provide personal information (e.g., username and password)
e.    The internet address of the web form is not secure (i.e., http:\\ instead of https :\\)

Please be reminded that HKMU will NEVER collect your username, password and/or any “CONFIDENTIAL” personal information via email. You are encouraged to report suspicious email to our IT Helpdesk (Ext. 6523).

2.    Security Tips

We would also like to share some security tips with you:
a.    Do not disclose your own password to anybody
b.    Change your password regularly
c.    Report any fake or fraudulent email or activities
d.    Keep your USB storage device with you
e.    Use encrypted USB storage device to prevent any loss of information.
f.    Use secure email option (by selecting “Confidential” under the sensitivity options in Microsoft Outlook) for any out-going email which contains personal confidential information
g.    Use the encryption tools provided by the University to encrypt your data
h.    Use the SharePoint Services to store your data

Information Technology Office