skip to primary navigationskip to content

IT Help and Support

University Information Services

Studying at Cambridge


Stay safe online: a spotter's guide to scams

Unfortunately, not everything on the internet is what it seems. Sites might display deliberately false information for various criminal reasons, so always check that you are on a legitimate site, and think before you follow a link in an email, or download content or a new app. These pages will show the most frequent types of scam used against members of the University, along with tips on how to avoid them.

Phishing and spear phishing

Phishing scams attempt to gain access to your personal information, account details and/or financial information using social engineering techniques.

Social media profiling

Cyber criminals collect information about you from various social media platforms (such as Facebook and Twitter) and use it to create a composite profile, which they use to commit identity theft and fraud. This is known as social media profiling.

Fake web pages and websites

Fake websites and pages are often used in conjunction with phishing attacks. These attempt to trick you into disclosing personal information, login details or financial information. They may impersonate well-known companies in an attempt to take payment for goods or services that are fake or do not exist.

Choosing a strong password and keeping it safe

Choosing a safe and memorable password is easy. Today's advice is to make passwords long, rather than complex. Find out more about how you can choose a strong password and keep your password safe. You may also wish to consider using a password manager.


Malware is any malicious software used to steal your money or identity, or which can make your computer take part in cyber attacks on the internet. You can protect yourself by using anti-virus software. We provide McAfee free for all staff and students for work and home use.

General advice when using your devices



When you have finished your work do log out, especially on public computers.

Don't leave any browser windows open when you have finished your browsing session.

Do set a password or PIN on your own devices.

Don't put it off until tomorrow.

Do apply updates to all of your devices' operating systems and software as soon as you are prompted to do so. Software updates often contain security patches to protect you from the latest threats or exploits.

Don't ignore this because you're not sure. Ask your local IT Officer or contact us for advice:

01223 332999

Do back up your data so it can be recovered if your device is compromised, lost or stolen.

Don't assume that this will never happen to you!

Do enrol in 'Find my device' and remote wipe services on your mobile devices. You will be able to track a lost/stolen device and clear any personal or sensitive data stored on it.

Don't store personal financial data on a device. 

Do install apps only from the recognised stores:

Don't automatically trust free apps. Take care if you decide to use them. Many free apps share their user information with advertisers or other third parties. Check the permissions/access they request on installation.

Apps installed from unofficial sources may also harbour viruses or provide a vector for malicious attacks on your system.

Do run antivirus software or scanning tools on your mobile devices. Do ask your local IT officer or the , who will assist you in selecting and installing antivirus software.

Don't assume that your mobile device doesn't need antivirus protection.

Android users can download free protection from McAfee via the Google Play store.

Do use eduroam for wireless access to the internet. It automatically logs you in and it saves you money on data usage.

Don't put it off, this takes just a few minutes to set up and it saves you time whenever you need an internet connection in Cambridge or other universities.

Do turn off file sharing and remote login when you're using your devices on a public Wi-Fi network, otherwise anyone can access your files.

Don't assume that there is nothing much of interest on your laptop or mobile phone. Scammers can use any personal information to target you for fraudulent reasons.

Do make sure websites' addresses start with https –especially when you're exchanging sensitive information, such as your bank or credit card details. The 's' on 'https' means 'secure'. These sites encrypt your communication and are safe.

Don't forget to check that you are using legitimate web sites, e.g. the official Cambridge CUSU Facebook and freshers page or Twitter page.

Don't trust everyone online – only trust people through the official channels, e.g. trusted College or institution contacts.

Do perform a factory reset to erase all your personal information before you sell a device.

Don't assume that just deleting all your photos is enough.

Do think before you trust emails. They may be a scam to trick you into following a malicious link that downloads malware or to make a phone call that will cost you a lot of money.

Don't immediately use the phone numbers given in an email or online. If a message is a scam, these may put you directly in contact with the scammers. Instead, contact companies and suppliers using the details published on their websites.

We've created a Moodle course that contains a series of short films and quizzes explaining different online safety issues, with lots of helpful hints and tips.

Enrol in the course

UIS Service Status

Phone padded  Service status line: (01223) 463085
Website  Sign up for SMS/email status alerts
Website  Read major IT incident reports

UIS bITe-size bulletin

A regular newsletter aimed at the University's IT community, highlighting service and project news from UIS.

Sign up >  |  Back issues

RSS Feed Latest news

Panopto maintenance at midnight tonight (00:00 on Thursday 8 October)

Oct 07, 2020

The Panopto Lecture Capture Cloud service will be undergoing maintenance on Thursday 8 October 2020 from 00:00 (midnight tonight) and will be unavailable for up to 3 hours.

GBN network joins up to plant protection

Sep 30, 2020

The University's data network, the Granta Backbone Network (GBN), has joined up to the plant protection provider LinesearchBeforeUDig. This will add an extra level of protection to our essential core infrastructure at this critical time for the University.

View all news