Anti-Phishing Measures

From ECE Information Technology Services
Revision as of 15:24, 29 May 2017 by Derekp (talk | contribs) (moved Anti-phishing measures to Anti-Phishing Measures)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Please do your part to keep your password safe, as a security breach can impact all users in the department. In particular, please be wary of e-mails asking you to take an action such as logging into a particular website. These are often fraudulent phishing attempts. To combat phishing, please note:

  • Any e-mail announcement regarding your ECE account should cross-reference a website with *.ece.ubc.ca in the URL. You should be suspicious of any message that does not.
  • Announcements from ECE IT staff will include the name of a staff member, not a generic signature like "Your helpdesk support team".
  • Never reveal your password to any person. IT Services staff will never ask you for your password.
  • All legitimate ECE services will use encrypted connections for logging in. (HTTPS, SSH, and IMAPS are examples of secure protocols.) Any service that asks you to enter your ECE password over an unencrypted HTTP connection or to send your password by e-mail is fraudulent.
  • If in doubt about a suspicious message purporting to be from UBC or ECE IT Services, we encourage you to ask us.