skip to primary navigationskip to content
 

Stay safe online: a spotter's guide to scams

Unfortunately, not everything on the internet is what it seems. Sites might display deliberately false information for various criminal reasons, so always check that you are on a legitimate site, and think before you follow a link in an email, or download content or a new app. These pages will show the most frequent types of scam used against members of the University, along with tips on how to avoid them.

Phishing and spear phishing

Phishing scams attempt to gain access to your personal information, account details and/or financial information using social engineering techniques.

Fake web pages and websites

Fake websites and pages are often used in conjunction with phishing attacks. These attempt to trick you into disclosing personal information, login details or financial information. They may impersonate well-known companies in an attempt to take payment for goods or services that are fake or do not exist.

Malware

Malware is any malicious software used to steal your money or identity, or which can make your computer take part in cyber attacks on the internet. You can protect yourself by using anti-virus software. We provide McAfee free for all staff and students for work and home use.

General advice when using your devices

DoDon't

Do log out when using a shared computer, public terminal or public Wi-Fi to prevent your accounts and files being changed or stolen.

Don't leave any browser windows open when you have finished your browsing session.

Do set a password or PIN on your own devices.

Don't put it off until tomorrow.

Do apply updates to all of your devices' operating systems and software as soon as you are prompted to do so. Software updates often contain security patches to protect you from the latest threats or exploits.

Don't ignore this because you're not sure. Ask your local IT Officer or contact us for advice:

01223 (7)62999

Do back up your data so it can be recovered if your device is compromised, lost or stolen.

Don't assume that this will never happen to you!

Do enrol in 'Find my device' and remote wipe services on your mobile devices. You will be able to track a lost/stolen device and clear any personal or sensitive data stored on it.

Don't store personal financial data on a device. 

Do install apps only from the recognised stores:

Don't automatically trust free apps. Take care if you decide to use them. Many free apps share their user information with advertisers or other third parties. Check the permissions/access they request on installation.

Apps installed from unofficial sources may also harbour viruses or provide a vector for malicious attacks on your system.

Do run anti-virus software or scanning tools on your mobile devices. Do ask your local IT officer or the , who will assist you in selecting and installing anti-virus software.

Don't assume that your mobile device doesn't need anti-virus protection.

Android users can download free protection from McAfee via the Google Play store.

Do use eduroam for wireless access to the internet. It automatically logs you in and it saves you money on data usage.

Don't put it off, this takes just a few minutes to set up and it saves you time whenever you need an internet connection in Cambridge or other universities.

Do turn off file sharing and remote login when you're using your devices on a public Wi-Fi network, otherwise anyone can access your files.

Don't assume that there is nothing much of interest on your laptop or mobile phone. Scammers can use any personal information to target you for fraudulent reasons.

Do turn off Wi-Fi when you are not using it in a public place.

Don't forget to turn off Wi-Fi when you are not using it in a public place.

Do make sure websites' addresses start with https –especially when you're exchanging sensitive information, such as your bank or credit card details. The 's' on 'https' means 'secure'. These sites encrypt your communication and are safe.

Don't forget to check that you are using legitimate web sites, e.g. the official Cambridge CUSU Facebook and freshers page or Twitter page.

Don't trust everyone online – only trust people through the official channels, e.g. trusted College or institution contacts.

Do perform a factory reset to erase all your personal information before you sell a device.

Don't assume that just deleting all your photos is enough.

Do think before you trust emails. They may be a scam to trick you into following a malicious link that downloads malware or to make a phone call that will cost you a lot of money.

Don't immediately use the phone numbers given in an email or online. If a message is a scam, these may put you directly in contact with the scammers. Instead, contact companies and suppliers using the details published on their websites.