IT Blog

Dear Colleague,

As a user of University computing and information services it is your
responsibility to be familiar with the IT Code of Practice and the
Regulations on the Use of Computing Facilities.

* IT Code of Practice - http://www.shef.ac.uk/cics/codeofpractice/
* Regulations on the Use of Computing Facilities -
http://calendar.dept.shef.ac.uk/calendar/09_regs_on_the_Use_of_Computing_Facilities.pdf

In particular your attention is drawn to the need for password
security. It is important, for your own protection and the security
of University systems, that you choose a strong password for your
University account and that you never disclose it to anyone else. The
University’s policy on passwords can be found in the IT Code of
Practice; to help you follow this policy please read the web page on
passwords.

* IT Code of Practice - Section 8. Passwords -
http://www.shef.ac.uk/cics/codeofpractice/index.html#8
* Advice on Passwords -
http://www.shef.ac.uk/cics/codeofpractice/password.html

You are also reminded of the threat posed by phishing. Phishing
refers to a type of fraud, in which people try to trick you into
revealing your username and password or other information, like bank
details. You should never respond to an unsolicited request for your
University username and password, whether by phone, email or webpage,
no matter how convincing or intimidating the request may be. Further
information can be found on the Phishing web page.

* Phishing - http://www.shef.ac.uk/cics/phishing

If you have any questions or require further information please
contact the CiCS Helpdesk

* Help and Support - http://www.shef.ac.uk/cics/support

–
John McAuley
Assistant Director, Corporate Information and Computing Services

Please be aware that the following is an example of a scam.

Cics will NEVER ask for your username and password.

See http://www.shef.ac.uk/cics/phishing/phexam3.html

From: THE UNIVERSITY NEW EMAIL
ReplyTo: itshelpdesk@cyberservices.com
Subject: Re:Re UNIVERSITY I.T.S UPDATE
Sent: 23 Jun 2010 08:53

Dear email user,
Welcome to the university New webmail system.
Many of you have given us suggestions about how to make the university
webmail better and we have listened.This is our continuing effort to
provide you with the best email services and prevent the rate of spam
messages received in your inbox folder daily .Consequently all in-active
old email accounts will be deleted during the upgrade.We recommends all
email accounts owner users to upgrade to the new email by filling in your
info in the space provided in the bracket in order for you to preserve
your account from deletion;(Email User I.D_______), (Email
Password_______) and(Date of birth________).
Webmail TEAM
Checked by AVG - Version: 8.5.437 / Virus Database: 271.1.1/2840 - Release

Be aware that there are a number of scam emails circulating, especially those that ask for your username and password.  If you have replied, please change your password immediately.

The message is asking you to provide your account details or else your account will be suspended - CiCS is not in the business of threatening University members!

Here are the tell-tale signs of a phishing message:

1. The message is from an email address which is not a University of Sheffield email address.
2. The message has a ‘Reply-to’ address   which is not a University of Sheffield email address.
3. The massage contains wrong or American spellings
4. The message asks for your Date of Birth!!
5. The message threatens to close your account, which CiCS do not do.
6. The message gives no phone number or email address for enquiries.

Nobody in CiCS knows your password! Passwords are encrypted on secure machines. We will never ask you to confirm your password for verification, as we do not know what it should be.