UWA has received notification that universities have been targeted by a hacking group, and library databases have been successfully accessed. The group conducted a phishing campaign against specific UWA staff to capture their credentials. The University is working with staff who were targeted to ensure their information and data is safe and is reviewing the broader security of the Library database apps to identify vulnerabilities.
Uni IT have a programme of works focused on uplifting cyber capabilities that will improve our ability to protect, detect and respond to incidents such as these. Briefings to all faculties and portfolios on phishing and broader IT security issues are being scheduled for early 2018.
Phishing scams are becoming more prevalent and this incident is a timely reminder that we all need to be vigilant in identifying scams and protecting both the University’s data and your personal data at home. If you believe an email looks suspicious, copy it into an email to University IT on firstname.lastname@example.org.
What to look out for:
- Does the sender address look suspicious?
- Is the email addressed to ‘Dear User’ or other generic titles?
- Are you being asked to send personal information?
- Does the email lack valid contact details?
Further information on how to identify a phishing scam can be found on the UWA Cyber Security Website.