Recently, CUHK users have been receiving fraudulent (phishing) e-mails and links to fraudulent websites that appear to come from ITSC or CUHK and ask users to confirm, verify or provide their account or personal information.
ITSC and CUHK never ask users for this information through e-mail. Do not reply to the senders, send them any information, or click any hyperlink in those e-mails and websites until the authenticity of the e-mails and websites can be verified.
Click News in the top menu > Search from Category = Information Security
Phishing emails can come from any email address, including a compromised CUHK account. These emails generally urge you to log in or change your password before a deadline.
Here are some common phishing email subject lines:
Are you available? / Are you at your office?
Quick Help / Assistance / Response Needed
Payment / Transaction Notification
Account Verification
ALERT! Office 365 Password About To Expire
Important Notice: Verify your account NOW!
Your account was under attack! Change your access data!
I own your information!
I was able to hack you, and stole the information!
[ITSC-CUHK] 你的OnePass賬戶正在被盜用 (Your OnePass account is being used fraudulently)
Phishing emails always appear to be sent from the University or individual CUHK staff. These emails have links requesting you to confirm or verify your account information, with key phrases such as
Verify/Update/Confirm your account
If you don’t respond/reply within XX hours, your account will be closed
Check if the sender is related to the email content. For example, a student (i.e. xxx@link.cuhk.edu.hk) would not notify you about password expiry.
If you put your mouse over (NEVER click) these links, your browser will show the address that you would visit. In phishing emails, this address does not match the legitimate website that is mentioned in the email (example below).
Phishing websites copy the look and feel of legitimate webpages. They usually embed and install viruses, trojans or other malicious software.
Ask yourself the questions below whenever you check an email. If the answer is Yes, this is probably a phishing website or email! You are at risk of identity theft if you act on it!
Does the email ask for your personal information or account verification?
Does the email look very different from the mass mails you generally receive?
Does the email have a hyperlink that does not match the URL it displays to you?
Is there any spelling mistake, apparent grammatical mistake or meaningless subject?
Does the email ask you to open a file with a general message but without any description?
Is https://xxx.cuhk.edu.hk absent from the login website URL?
Contact ITSC if in doubt
The embedded link in the email does not match the legitimate one
A typical phishing email requesting you to activate your account
If you have received a suspicious and strange e-mail asking for your account information, you should:
NEVER reply to the e-mail or click any link or open attachment in the e-mail.
Check whether it is a reported case on the ITSC homepage
If it is listed on the page, delete the e-mail at once.
If it is a new case, report it to your LAN administrator or ITSC through infosec@cuhk.edu.hk or the ITSC Service Desk with the original email attached.
To attach the original email, please follow the steps below:
In Microsoft Outlook, right click the email and click “Copy”.
Create a new email, in the composing area, right click and then click “Paste”.
If you have received these e-mails and supplied your password, please take the following measures immediately:
Change your OnePass password IMMEDIATELY to a strong password on a virus-free and patch-updated machine. You can use either of the methods stated on the ITSC homepage to change your password. Remember that the change must be done on a virus-free and patch-updated machine. Check our guidelines to safeguard your password.
Perform a System Health Check.
Scan your machine using Kaspersky anti-virus and/or malicious code detection software with the most up-to-date signatures.
Apply the latest security patches to your machine.
[Office PC/notebook] Staff users, please contact your department IT support to carry out a system health check on your machine.
[Highly Recommended] Reinstall the PC/notebook, as the phishing website may have malware embedded.
Check for any unauthorized mobile devices connecting to your mailbox
Go to Office 365 Portal > Outlook > Gear Icon at the top right corner > View all Outlook Settings > General > Mobile Devices > double click each mobile device to see the details.
Check for any unauthorized Windows / Macs connecting to your Office 365 account
Go to Office 365 portal > User Name at the top right corner > My Account > App & Devices
Check if your mails have been forwarded to another account.
Please log into your Office 365 Mail/@Link to check for and stop any email forwarding settings that have been set up without your knowledge.
Check if new rules have been set up in your Inbox.
Please log into your Office 365 Mail/@Link to check for and remove any new rules that have been set up in your Inbox without your knowledge.
Contact ITSC so that we know you have taken the above actions to re-secure your account. To stop hackers’ further actions, ITSC will reset your password if it is being compromised or misused. You will then be unable to access other University services.
These phishing e-mails and websites are designed to look like the real ones. Fraudulent bank websites, for example, are hosted to lure you into giving your account information. The most common way is through e-mail and pop-up instant messages, where “banks” or “distant relatives” ask for the user’s personal information and password.
Here are some guidelines to avoid falling victim to phishing scams:
DOs
Remember that legitimate companies will never ask their clients to send over sensitive information online. If you are unsure, you can phone the company to verify if they have sent such an e-mail.
Type the actual URL address (if it is safe to visit) yourself instead of clicking on the link inside the e-mail. Sometimes, the scammers may send you a URL that looks proper but secretly links you to a fake website.
Lock your computers and mobile phones in case they fall into bad hands
Change your passwords regularly
DON'Ts
Open any e-mails or follow any URL links from non-verified sources or e-mails.
Open attachments from unknown e-mails, as they may contain computer Trojans (a type of malware) that record your keystrokes when you enter your passwords and spy on your computer data without your knowledge.
Have sensitive information such as ID-card number, credit card details, driver's licenses, or passwords saved in your computer. This makes you particularly vulnerable to phishing.