Frequently Asked Questions
- Virus protection
- Email Header Information
- Infected machines
- Advice for researchers
- Advice for staff handling card data
Why can't I get to a web site?
From February 2016, in order to prevent people accidentally visiting web sites which can give them a virus, access to these web sites from campus has been blocked. In some cases, you won't notice that this has happened. In a few cases, such as if you accidentally click on a link in an email to a malicious site (e.g. a phishing email), you will see a "page not found" error (404). This usually means that your computer has been protected from harm, and you need take no further action.
If you need any advice on what to do, or you suspect that you may have a virus, please contact the ISD Service Desk: firstname.lastname@example.org
How can I manage spam and junk email?
Unfortunately we cannot eliminate all spam emails, the spam filters already block a significant amount but if the spam filter rules are too strict, it would
result in legitimate mail being flagged as spam.
Please see the links below on how to manage junk email settings in OWA and Outlook 2010/2013:
For more guidance please see:
Microsoft have produced guidance for dealing with abuse, phishing, or spam in Outlook.com: https://support.office.com/en-gb/article/Deal-with-abuse-phishing-or-spam-in-Outlook-com-0d882ea5-eedc-4bed-aebc-079ffa1105a3?ui=en-US&rs=en-GB&ad=GB
How can I report junk email in Office 365?
Click on the dropdown menu (down arrow) to the right of 'Reply All', select 'Mark as junk'.
The following dialog box will appear:
Click on 'Report'.
CERT UK Guidance - Phishing: What is it and how does it affect me?
I've received an email asking me to enter my username and password, what shall I do?
This is a 'phishing' email designed to steal your credentials.
Please note that no member of UCL staff should ever ask you for your password, nor ask you to send your password by email, so any email (or telephone call) that does is a scam. Our advice on this is that you should treat your password as you would treat the PIN number for your bank card - keep it secret and don't share it with anyone, not even your friends.
We do always advise that you should report these phishing emails to Action fraud (we do not have the time nor resources to report every phish individually ourselves): http://www.actionfraud.police.uk/report_fraud
For ISG's information, please forward the email received to: email@example.com
Here is our link with some phishing email advice,
but you can find it directly on the main UCL website too:
If you are unsure, ask, don't click.
How can I report phishing email in Office 365?
Click on the dropdown menu (down arrow) to the right of 'Reply All', select 'Mark as phishing'.
The following dialog box will appear:
Email Header Information
How do I send you the email headers when I report a phishing email?
Right click on the email, select 'More Actions', and click on 'Forward as Attachment'.
Double click on the email, click on the 'More actions' button which looks like three dots (...), select 'view message details', copy and paste the header information into an email and send it to us.
In Office 365:
Click on the dropdown menu (down arrow) to the right of 'Reply All', select 'View message details', copy and paste the header information into an email and send it to us.
I have a virus infection on my machine, my anti-virus software will not remove it, what else can I try?
It can sometimes take time for anti-virus software to start detecting a particular virus, when this happens you can try the following:
Sophos Anti Rootkit http://www.sophos.com/en-us/products/free-tools/sophos-anti-rootkit.aspx
F-Secure Rescue CD http://www.f-secure.com/en/web/labs_global/removal-tools/-/carousel/view/142
Advice for researchers
I am a researcher working with personal identifiable data (pid), what steps should I take to ensure that I keep this data secure?
Please see the following advice from AISC on the handling of sensitive data:
Advice for staff handling card data
My department handles card data, are there any steps we need to follow or standards that we need to adhere to?
If your department is handling card data then you need to ensure that you adhere to the PCI DSS Data Security Standard, more information can be found in the link below:
If you need further assistance please contact us.