To celebrate IT Security Week and International Data Protection Day 2023, we will be hosting two online events and posting topical security articles, as outlined below.
Phishing
1 February 2023
What is phishing?
Phishing is the crime of deceiving people into sharing sensitive information like passwords and credit card numbers. There's more than one way to trick the target, but email is the most common phishing tactic. Phishing is still the biggest cause of data breaches and financial compromises across all industries.
How can I identify a phishing email?
It is easy to be alarmed by a phishing email, they are designed to convey a sense of urgency to get us to act without question. They may appear to come from a legitimate business that you have previously dealt with or a colleague. But there are things to look out for to help you recognise a phishing email:
- Is the email coming from an official email address (e.g. school@tcd.com vs school@tcd.ie)?
- Is the email trying to get you to act fast and does it use threatening language?
- Does the email have poor grammar and punctuation?
- Does the email contain a suspicious attachment or link?
Remember to stay cautious, always take your time and consider the validity of the email.
What should I do if I receive a phishing email?
Treat any email that asks for your username and password with extreme caution. Never open attachments or click on links unless you are fully confident the message is from a legitimate party.
Please report any email that you believe is phishing to the IT Service Desk (itservicedesk@tcd.ie/ +353-1-896-2000) and delete it.
What should I do if I have fallen for a phishing scam?
If you think you have fallen prey to a phishing email, immediately:
- Change your password
- Report the incident to the IT Service Desk (itservicedesk@tcd.ie / +353-1-896-2000)
Two-step sign in – Are you changing your phone number or handset?
31 January 2023
Over recent years IT Services has successfully introduced Two-step-sign-in for many Trinity IT Services including Email, Blackboard and VPN (Virtual Private Network).
What is two-step sign in?
Two-step sign-in protects your account by sending a six-digit randomised code to your mobile phone or authenticator app each time you log in to a service with your Trinity username and password.
Two-step sign-in adds an extra layer of security to your email and ensures that your account cannot be used without your knowledge. You can also use it to change your forgotten or lost password any time you need to do so.
Essential information to remember if changing phone number or handset
If you plan to change your phone number or phone handset you need to take action to ensure that you do not inadvertently prevent yourself from accessing your Trinity accounts. This may happen because you are unable to access the security code on your phone to complete the sign in process.
This may occur if you purchase a new phone or change phone number. This may also be an issue if you have an additional phone that you use when in another country on vacation or when returning home if you are an international student or staff member.
What do I need to do?
All staff and students need to remember to register any new or alternative phone numbers or to install the authenticator app on your new or alternative handset before you lose access to your previously registered phone or phone number.
How do I add a new phone number for TSSI?
To add an additional phone number, follow the below steps.
- Log into http://office.tcd.ie
- Click on your profile icon at the top right. Then choose View account.
- From the left menu, choose Security info. Then click the + Add sign-in method button.
- Select Alternative phone from the dropdown and choose Add.
- You will then see a screen where you can enter your new number.
- Select your country code and enter your mobile number.
- Choose Call me and click on Next.
- You will receive a call from Microsoft. Answer the phone and follow the prompts.
- Once the code is verified, you will see a message to say the phone was registered successfully. Click Done to complete the setup.
What should I do if I have any difficulties registering my new number/phone?
Further information on two-step-sign-in is available on the IT Services website.
Additionally, the IT Service Desk can assist with any difficulties.
Events and training
25 January 2023
IT Security and Data Protection Training – Monday 30th January, 12 – 1pm
To mark International Data Protection Day 2023, we are hosting IT Security and Data Protection online training for Trinity staff in collaboration with the Data Protection Office. Join our IT Security Specialist Amir Bijedic and Data Protection Officer John Eustace as they talk about phishing, ransomware, data protection and GDPR, as well as the importance of respecting privacy and safeguarding personal data.
Register for this event Event registration is now closed
Data Storage, Security and GDPR compliance for Researchers – Wednesday 1st February, 12 – 1pm
This online event for Trinity research staff will provide guidance on where to store your Trinity research data, how to ensure your research data is secure, as well as how to meet your obligations under the GDPR. Join Information Security Manager Sara McAneney, Research IT Manager Darach Golden, and Deputy DPO for Research Evelyn Fox who will share best practices for research data security and compliance.
Register for this event Event registration is now closed
Data Protection Training Module
Please note that staff at Trinity who process personal data as part of their duties must complete the mandatory Data Protection Training Module (online). The module takes approximately 45 minutes and includes a short assessment which staff must pass in order to successfully complete the training.