Ransomware attacks - What you need to know to keep us safe
8 September 2021
IT Services have been warned of a new Windows exploit that is currently in circulation worldwide, where attachments containing malicious code are being spread to Office365 users.
No cases have been discovered in Trinity, however, we request that staff and students remain vigilant and exercise extreme caution before opening any unexpected attachments in Office365 unless you are 100% certain of the source.
Opening malicious attachments can lead to ransomware being downloaded and installed on your computer, and then onto Trinity’s central IT systems, which can cause significant damage to the University.
Ransomware is most commonly spread via fraudulent emails, either as an infected attachment that contains malware or with a link to the scammer’s website.
Below we have answered six questions regarding ransomware, phishing and how to protect us all against these types of cyber attacks.
1. What is ransomware?
Ransomware is a type of malware, where scammers aim to trick their targets into downloading malicious software on their computers in order to encrypt their files or lock them out of their devices. If you fall victim, the scammer demands you pay a ransom to recover your files and/or regain access to your device.
2. What is phishing?
Phishing is a form of online fraud. Scammers use phishing emails to trick you into giving away important information, such as your login details. They can then use these to access your own data, or data that you have access to, putting the entire University at risk.
3. How can I identify a phishing email?
It is easy to be alarmed by a phishing email, they are designed to get us to act without question. They may appear to come from a legitimate business that you have previously dealt with or a colleague. Remember to stay cautious, always take your time and consider the validity of the email.
4. What should I do if I receive a phishing email?
Please report any email that you believe is phishing to the IT Service Desk (email@example.com / +353-1-896-2000) and delete it. Treat any email that asks for your username and password with extreme caution.
5. What should I do if I have fallen for a phishing scam?
If you think you have fallen prey to a phishing email, immediately:
- Change your password
- Report the incident to the IT Service Desk (firstname.lastname@example.org / +353-1-896-2000)
6. How can I protect my computer, my data and Trinity IT systems?
- Stay current on software security updates for your devices. To make sure you are up-to-date, you can run a manual installation today. Instructions are available on our 'Software security updates' web page.
- Make sure you have anti-virus software installed on your devices and ensure they are running up-to-date virus definitions.
- Backup your data, files and devices regularly - this will help you recover the latest version of any lost or damaged data should you fall victim to ransomware. See our 'Data backup and file management' web page.
- Do not download or open files from unsolicited emails. If you receive an email with attachments you were not expecting, check with the sender before acting on the email.
- Remain vigilant and report any unusual activity to the IT Service Desk.