Simulated Phishing Email of March 2024

Can you trust this page?If you look in the address bar (at the top of this page) you will see that this page is on the blog.bham.ac.uk site. This tells you that the page is within the bham.ac.uk internet domain which is owned by the University of Birmingham. If you came to this page to confirm if a test phishing … Continue reading “Simulated Phishing Email of March 2024”

Simulated Phishing Email of January 2024

Can you trust this page? If you look in the address bar (at the top of this page) you will see that this page is on the blog.bham.ac.uk site. This tells you that the page is within the bham.ac.uk internet domain which is owned by the University of Birmingham. If you came to this page to … Continue reading “Simulated Phishing Email of January 2024”

Simulated Phishing email of December 2023

Can you trust this page? If you look in the address bar (at the top of this page) you will see that this page is on the blog.bham.ac.uk site. This tells you that the page is within the bham.ac.uk internet domain which is owned by the University of Birmingham. If you came to this page to … Continue reading “Simulated Phishing email of December 2023”

Simulated Phishing Email of October 2023

On Tuesday 24 October, IT Security sent a number of staff a simulated phishing email claiming HR shared a file with you. The Subject was ‘Holiday Entitlement Changes’ available through SharePoint, and contained a link to a Word document called Holiday Entitlement Changes. If you tried to open that document you were asked for your … Continue reading “Simulated Phishing Email of October 2023”

NCSC Threat Report

The National Cyber Security Centre (NCSC) provides cyber security guidance and support, with the aim of helping make the UK the safest place to live and work online.  Every fortnight, NCSC publishes a Threat Report, providing information on known and emerging security matters affecting the UK, including the NCSC’s response. You can subscribe to receive the … Continue reading “NCSC Threat Report”

Cyber Essentials

Cyber Essentials is a UK Government backed scheme, providing a proactive approach to guarding against a range of common cyber-attacks.  This is achieved through the strengthening of five key areas: Securing of your Internet connection Securing of your devices and software Controlling access to your data and services Protection against viruses and other malware Keeping … Continue reading “Cyber Essentials”

Apple Release Important Security Patches

Apple has released a fix for the newly discovered security exploit that affects iPhones, iPads, and Macs which can spread malware via iMessage. If you use any Apple devices you should immediately update them to ensure that you are fully protected. Further information can be foulnd in the following articles. https://www.techrepublic.com/article/apple-releases-emergency-patch-to-protect-all-devices-against-pegasus-spyware/ https://www.techrepublic.com/article/apple-releases-emergency-patch-to-protect-all-devices-against-pegasus-spyware/ https://support.apple.com/en-ca/HT212807

Increase in Blackmail Scams (Sextortion)

We are getting more reports of sextortion scams, which are a type of blackmail. These look very similar to the ones highlighted in a previous blog article.  The method of operation and advice remain the same. Click here for the original article and advice on what top do if you have received one. We do … Continue reading “Increase in Blackmail Scams (Sextortion)”

Password Spray Attacks

The NCSC recently issued an advisory on password spray attacks.   The attacks are aimed at   health care organisations involved in the coronavirus response, including research.  The University is a potential target. In password spray attacks, attackers use a few easy to guess passwords and try them against multiple accounts.  Attacking in this way does not … Continue reading “Password Spray Attacks”

New Password Expiry Notice

IT security policy requires password changes every 180 days. In order to achieve this, passwords are set to expire approximately every 180 days. Warnings and reminders are sent in the period running up to password expiry times. The password expiry noticed issued by IT Services has changed recently. The new notice looks like this. If … Continue reading “New Password Expiry Notice”