Threats

There are a multitude of threats online, but a few simple ways of stopping yourself from being a victim. Besides the advice below, the Get Safe Online website  has up-to-date information and guidance to help you stay protected.

Login and password scams - your details

If you receive a request from anyone within IT Services (or anywhere else) asking for you to send your username and password (or any other personal details), please treat this as a scam and do not comply. Coventry University IT Services will never ask you for this information and it should never be revealed to any third party.

If we need information from you, about you or your account, we will speak to you and - even under those circumstances - you should always check credentials by asking for ID or phoning us back on a validated phone number. If you are logging on to one of our systems via a web page link, please confirm the URL address of the page and that it has 'coventry.ac.uk' as part of the beginning of the address. If it hasn't, then don't use it.

Key loggers

These are devices that are openly (and cheaply) available. These devices can either be left attached to the target computer by being plugged in to an available USB port or attached to the keyboard cable of the PC.

When the device is in position it will be capable of recording all keystrokes (ie everything that you type) whilst the device remains in place, and is limited only by the memory capacity of the device. Data captured may include any login names and passwords used in the session.

Please be aware of the existence of these devices and be vigilant when using any PC. One precaution is to check the PC to ensure that no supplementary devices are attached before you make use of it. Any devices discovered should be removed and passed to IT Services immediately. There are also downloadable key logging programmes that can be installed on the PC so be vigilant of any unusual programme activity. If in doubt, ask IT Services for support .

Financial scams

IT Services are warning people to be on their guard and not to respond to emails requesting money. A number of people have been contacted by emails reportedly from banks, eBay and also claiming to be from Coventry University (requesting cash for course fees). These emails may try to link you to a page where you are asked to login. This is known as 'phishing' and the aim of these emails is to steal your information.

Under no circumstances will your bank, eBay or Coventry University request either information to give them access to your account or money for courses via email.

Scams can also include bogus competitions which hold out the promise of winning a prize in a competition that you haven't even entered, or a promise of a large amount of money that needs to be transferred urgently.

If you should receive any scam email that has not been filtered, or you have requested a release of an email and you discover it is asking for such information, please do not respond and certainly do not send personal information or money. IT Services do block and filter these emails but new spamming techniques are designed every day and on a rare occasion, one of these scam emails can get through the filtering software and into your mailbox.

Do not open any links in these emails - if the University, or a bank, emails you asking you to log in to their system, ensure that you do not use these links, but navigate to the organisation's official homepage and go via their website.

We ask you all to be vigilant on this matter and do not respond to these scam emails.

Additionally, you should be aware that techniques are being used which ‘hijack’ the connection between your browser and your finance site (e.g. your bank) by use of a Trojan. When conducting such transactions, please be aware of the pattern of information that you would normally be asked for. If you are suddenly being asked  to provide information that you haven’t been asked for previously then you should terminate the connection and advise the site you are visiting that you suspect you may have been victim to an MITB attack so that they may check your account.  You should also then get your PC checked out for possible infection.

Find out more general security advice. 

Viruses and malware

‘Malware’ is a general term used to describe a variety of forms of hostile, intrusive, or annoying software or program code. Computer viruses can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the internet, or carried it on a removable medium such as a USB drive. View our advice on protecting against viruses and malware.