Events
1 - Malware - something's not right with my computer
Indicators of malware running
Some indicators that your computer is running malware are (list from Kaspersky’s blog):
- Unexpected Crashes: If you’ve ever experienced this, you probably already know the hard way that your system crashing or regularly switching to the terrifying blue screen of death is a major red flag that something is very wrong. If it’s happening to you now, immediately scan your system for infections.
- Slow System: If you’re not running any resource-heavy applications on your system but it’s running slowly anyway, it may be because your system is infected with a virus.
- Excessive Hard Drive Activity: Similarly, if you notice a lot of hard drive activity even when your computer is idle, this is a warning sign of a potential infection.
- Strange Windows: If strange windows pop up during the booting process, particularly those that warn you of lost access to various drives on your system, something is wrong.
- Peculiar Messages: If those troubling dialogue boxes crop up when your system is running alerting you that various programs or files won’t open, this is also a bad sign.
- Bad Program Activity: If your programs go missing, are corrupted, or start to open themselves without your initiation, and/or if you receive notification that a program is attempting to access the Internet without your command, this is a serious warning sign that you are the victim of malware.
- Random Network Activity: If your router is constantly blinking indicating a high level of network activity when you aren’t running any significant programs or accessing high amounts of Internet data, something might be wrong.
- Erratic Email: If your emails aren’t sent, or you hear from your contacts that they’re getting strange emails from you that you did not send yourself, this is a strong indication that your system has been compromised (or that your email password has been stolen).
- IP Address in denylist: If you receive notification that your IP address has been added to a denylist, consider this about as sure a sign as any that your PC is not in good hands — there’s a very good chance it means your system has been compromised and is being used as one tentacle in a far-reaching, spam-sending botnet.
- Unexpected Antivirus Disabling: Many malware programs are designed to disable the antivirus suites that would otherwise eradicate them, so if your antivirus system is suddenly not operating this could be a sign of a much larger problem.
Reporting suspected Malware
Turn off your wifi or unplug the network cable
Use your phone to head to this page.
Immediately notify the IT Manager
Provide the following information:
- How did you receive the link (email, SMS, etc.)?
- What legitimate site was the site attempting to impersonate (i.e., made to look like Office365, Adobe, etc.)?
- Have you used the password for any other sites (UD or personal)?
2 - Phishing - I clicked on something
Alert Logic describes phishing:
“Phishing is one of the most common and effective cybersecurity attack vectors … Phishing is a type of cybersecurity attack that usually involves malicious actors sending fraudulent emails [or SMS] disguised as sources familiar to the target in an effort to steal sensitive data, like account information, login credentials, personal details and more. Phishing emails typically contain malicious links, attachments or downloads, which serve as a vehicle to infect the host system with malware. However, phishing can also be as simple as the attacker soliciting personal information directly from the recipient, making it seem as though the request is coming from a trustworthy source”
Reporting a Phishing attack
Immediately notify the IT Manager
Provide the following information:
- How did you receive the link (email, SMS, etc.)?
- What legitimate site was the site attempting to impersonate (i.e., made to look like Office365, Adobe, etc.)?
- Have you used the password for any other sites (UD or personal)?