IT Security alert: spyware emails

Thursday, 27 July 2017

Earlier today (Thursday 27 July) the IT department detected a substantial outbreak of Spyware (a malicious programme that aims to gather information from your computer) across the University affecting over 70 machines. 

While the programme is being prevented from running properly by the University’s Anti-Virus software, the machines are still infected and there will be some disruption while they are cleaned and the outbreak is contained.

The software is spread via an email which does not have a standard text, but refers to either an email payment or an invoice that needs to be paid. Within the body of the email there is then a link, which when clicked on will mean that software is downloaded and the machine is infected. Two examples are:

________________________________________

Subject:   Please pay your invoice with id number: 539193

Good Day,

Thanks for the mail.

Click here to pay and see your payment details:

If you have any questions related to this attachment, we will be more than happy to assist you.

Sincerely Yours,

________________________________________

Subject: Email payment notification number: 25979

Greetings ,

Click here to pay and see your payment details:

If you need any further assistance or have queries regarding your invoice, please do not hesitate to contact us.

Regards,

________________________________________

It has also been reported that some of these emails appear to come from members of University staff, including staff on annual leave and those no longer working at the University. These are spoofed email addresses which have been forged to look like legitimate addresses.  

If you receive an email like this, do not click on the link – delete the email. 

Please remember the standard IT Security advice and be suspicious of all links and attachments you receive by email.

Additional information is available at the IT website.