About jovitatou

This author has not yet filled in any details.
So far jovitatou has created 3 blog entries.
3 2023-11

Join the Cybersecurity Promotion Activity for a Chance to Win!

2023-12-01T00:04:09+08:00

Dear students:

In today’s digital era, cybersecurity is an issue that cannot be omitted. ICTO is currently hosting a cybersecurity promotion activity. Through this activity, we aim to raise students’ awareness in cybersecurity by offering the chance to win the prizes. Don’t miss out! Deadline of the activity is 17 November 2023 (Friday)!

Just complete the following two steps, you will automatically enter the lucky draw:

  1. Enable Two-Factor Authentication (2FA): This additional layer of protection significantly reduces the risk of unauthorized access. Please follow the instruction to enable 2FA with your student account (If you have already enabled the 2FA service, please proceed directly to Step 2 for the Cybersecurity Quiz):
  2. Cybersecurity Quiz: Test your knowledge and understanding of cybersecurity by participating in this quiz that consists 10 questions, which will cover various aspects of cybersecurity.
    The unique quiz link will be sent to your email in due course. Please note that forwarding the link will be invalid!

Terms and conditions:

  1. At the end of the event, the system will randomly draw 5 lucky winners, each of them will receive one of the following prizes :

    • iPad 10 Wi-Fi 64GB
    • Marshall Motif II A.N.C.
    • Redmi Watch 3
    • Transcend USB Disk (1TB SSD)
    • Momax Q.Mag X Magnetic Wireless Battery

  2. Winners will be notified individually for prize collection arrangements. The prize can be collected at ICTO (Address: N6-2017, Administration Building). If the winner cannot be reached by 29 December 2023, ICTO reserves the right to disqualify the winner.
  3. Prizes are not transferable or redeemable for cash.
  4. In case of any disputes, the interpretation and decision of ICTO shall be final.


 

 


Should you have any enquiries, please feel free to contact  icto.security@um.edu.mo.

We wish you every success in your study!

Information and Communication Technology Office

親愛的同學:

在這個數字化的時代,網絡安全是一個不容忽視的議題。資訊及通訊科技部正舉辦一項網絡安全推廣活動。透過此活動,希望能提高同學們對網絡安全的意識,同時提供贏取豐富獎品的機會,活動截止日期為2023年11月17日(星期五)

只需要完成以下兩個步驟,就能自動參加抽獎:

  1. 啟用帳戶雙重認證功能(2FA:為了使帳戶更加安全,不容易被未經授權的人士訪問。請按照以下指示,為您的學生帳戶啟用雙重認證功能(如您早前已啟用2FA服務,請直接跳往第二步進行網絡安全知識測驗)。
  2. 完成網絡安全知識測試通過參加小測試,可以讓同學測試一下自己對網絡安全的認識和理解。請回答10題網絡安全相關問題。
    知識測試個人專屬鏈結將於稍後時間以電郵方式發送至您的郵箱, 鏈結轉發無效!

抽獎活動細則:

  1. 活動結束後,系統將隨機抽出5位幸運兒,將分別獲得以下獎品:

    • iPad 10 Wi-Fi 64GB
    • Marshall Motif II A.N.C. 主動降噪真無線藍牙耳機
    • Redmi Watch 3
    • Transcend USB Disk (1TB SSD)
    • Momax Q.Mag X磁吸無線流動電源

  2. 得獎者將由專人通知;領獎地點為澳門大學行政樓資訊及通訊科技部 (N6-2017)。若2023年12月29日前未能聯繫上得獎者,資訊及通訊科技部有權取消其得獎資格。
  3. 所有獎品不得轉讓或兌換現金。
  4. 如有任何異議,資訊及通訊科技部保留最終解釋及決定權。

 

 

 

 

 

 

如有任何疑問,請隨時發送電子郵件至 icto.security@um.edu.mo 與我們聯絡。

祝學業進步!

資訊及通訊科技部

Join the Cybersecurity Promotion Activity for a Chance to Win!2023-12-01T00:04:09+08:00
25 2023-10

Information Security Tips (October 2023) – Beware of Ransomware Attacks

2023-11-19T00:00:08+08:00

To: All Users

Ransomware attacks are one of the most common types of cyber attacks in recent years. Attackers use various network intrusion techniques or methods such as impersonation and fraud to deploy ransomware programs to organizations and users, encrypt the data on the infected computer system, so that the affected systems will not be able to operate normally, and extort money and other economic benefits from the victims. At the same time, some attackers also steal data during the process and threaten victims with disclosure of confidential data to increase the likelihood of the victims compromising.

The following security measures can prevent ransomware attacks:

  1. Beware of phishing and virus emails, do not casually open attachments or web links:
    Attackers will send phishing emails with malicious program attachments or web links. Once you open, your computer system will be infected;

  2. Beware of social engineering, do not trust strangers or people with unverified identities:
    They will impersonate government officials, customer service, bank staff, etc., and induce you to download or install unknown software, or even assist them in carrying out ransomware attacks;

  3. Install antivirus software, turn on real-time protection and monitoring functions:
    Whether the ransomware program is spread via portable data storage devices (such as USB, mobile hard drives, etc.) or emails, the real-time protection function of antivirus software can effectively intercept the ransomware program when it is installed or executed;

  4. Regularly update software, keep antivirus software up to date:
    This can prevent attackers from exploiting existing software vulnerabilities for attacks. At the same time, the latest antivirus software feature database can  detect effectively and intercept suspicious software programs;

  5. Protect your user password, activate multi-factor authentication services and use strong passwords:
    They will use leaked accounts or brute force cracking techniques to remotely log into your computer system and install ransomware programs;

  6. Regularly backup data to ensure that files can be restored from backups:
    Even if data is encrypted, it can be restored from backups, which will reduce the chance of data loss.

Reference

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

各位用戶:

勒索軟件攻擊是近年最普遍的網絡攻擊類型之一。攻擊者利用各種網絡入侵技術或通過偽冒、詐騙等手段,向目標機構及用戶投放勒索軟件程式,加密受感染電腦系統的數據資料,使受影響系統無法正常運作,從而向受害者勒索金錢等經濟利益。與此同時,有些攻擊者還會在過程中竊取數據資料,並以公開其中的機密數據來威脅受害者,以增加受害者作出妥協的可能性。

採取以下安全措施來防範勒索軟件攻擊:

  1. 提防釣魚及病毒電郵,不要隨便打開附件或網頁連結:
    攻擊者會發送含有惡意程式的釣魚電郵附件或網頁連結,一旦打開,便會感染您的電腦系統;

  2. 提防社交工程,不要輕信陌生人或未核實身份的人士:
    他們會假冒政府官員、客服、銀行員工等,誘使您下載或安裝來歷不明軟件,甚至協助他們進行勒索軟件攻擊;

  3. 安裝防毒軟件, 開啟即時防護及監控功能:
    不管是通過便攜式數據儲存設備(如USB、移動硬盤等)或是電郵進行傳播,當勒索軟件程式被安裝或執行時,防毒軟件的即時防護功能可有效地把它們攔截;

  4. 經常進行軟件更新,讓防毒軟件保持在最新狀態:
    這樣可避免攻擊者利用軟件存在的安全漏洞來進行攻擊,同時,最新的防毒軟件特徵庫,能更有效地檢測及攔截可疑的軟件程式;

  5. 保護好您的用戶密碼,啟動多重認證服務及使用強密碼:
    他們會利用外洩的帳號或通過暴力破解等技術手段,遠程登入您的電腦系統以安裝勒索軟件程式;

  6. 定期備份資料,確保能夠從備份中還原文件:
    就算數據資料被加密,也可從備份中還原,大大減低數據遺失的機會。

參考資料

如有任何疑問,請聯絡資訊及通訊科技部服務中心。

服 務 中 心
位置 : 中央教學樓東5座(E5)二樓2085室 (電子地圖)
電話 : 8822 8600
電郵 : icto.helpdesk@um.edu.mo

資訊及通訊科技部

Information Security Tips (October 2023) – Beware of Ransomware Attacks2023-11-19T00:00:08+08:00
28 2023-09

Important Notice: Security vulnerabilities of Google Chrome browser (updated at 28 Sep 2023)

2023-10-28T00:00:08+08:00

To: All Users

As informed by the Cybersecurity Incident Alert and Response Centre (CARIC), Google have recently issued security vulnerability about Chrome browser.  This vulnerability may trigger privilege escalation, remote execution of arbitrary code and denial of service, which is widely exploited.

  • Please update to Google Chrome version 117.0.5938.132 (Windows, Mac and Linux) or later.

For more details, please refer to: https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html

Steps to update Google Chrome browser

  • Open your Google Chrome browser on your desktop.
  • Click the three vertical dots in the upper right corner to open the dropdown menu.
  • Select “Settings“.
  • Click “About Chrome” on the left-hand sidebar.
  • Chrome will automatically check for updates or you can click the button “Update Google Chrome”.
  • Restart the Chrome.

Reference

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

各位用戶:

資訊及通訊科技部接獲網絡安全事故預警及應急中心的通知,Google官方 近日發出有關於 Chrome 瀏覽器的安全漏洞,成功利用此漏洞可能會觸發權限提升、遠端執行任意程式碼及阻斷服務;該漏洞亦正在被廣泛利用。

  • 請更新至 Google Chrome  117.0.5938.132 (Windows, Mac 和 Linux) 或之後版本

有關詳情可參考:https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html

更新Google Chrome瀏覽器”步驟

  • 在電腦上開啟 Chrome;
  • 按下右上方的 [更多](垂直三點圖示) ;
  • 按下 [設定] ;
  • 在左方菜單,按下[關於 Google Chrome];
  • Chrome瀏覽器會自動進行更新,或可手動按下 [更新 Google Chrome] 進行更新;
  • 重新啟動Chrome瀏覽器。

參考資料

如有任何疑問,請聯絡資訊及通訊科技部服務中心。

服 務 中 心
位置 : 中央教學樓東5座(E5)二樓2085室 (電子地圖)
電話 : 8822 8600
電郵 : icto.helpdesk@um.edu.mo

資訊及通訊科技部

Important Notice: Security vulnerabilities of Google Chrome browser (updated at 28 Sep 2023)2023-10-28T00:00:08+08:00
25 2023-09

Information Security Tips (September 2023) – Beware of Spear Phishing

2023-10-21T00:00:08+08:00

To: All Users

  • What is Spear Phishing Attack?

Spear Phishing is a specific type of Phishing Attack that targets individuals or organizations with the intention of deceiving them and gaining unauthorized access to sensitive information. Unlike regular phishing attacks, spear phishing is more personalized and involves tactics such as impersonation, enticing bait, and finding ways to bypass security measures like email filters and antivirus software.

Although general Phishing and Spear Phishing employ similar techniques, there are distinctions between them. General Phishing attacks are typically straightforward, aiming to acquire the victim’s information, such as online banking credentials, to fulfill their objectives. In contrast, spear phishing attacks go beyond simply obtaining login details or personal data. They serve as a gateway for attackers to gain initial entry into the targeted network and act as a stepping stone for subsequent Targeted Attacks

  • How does Spear Phishing Work?

Spear phishing attacks specifically aim at targeting individuals within an organization or institution, including their social media accounts like the organization’s website, Twitter, Facebook, and LinkedIn. The attackers invest time in creating persuasive email content and may include harmful attachments or links in the emails. When the recipient opens such attachments or clicks on the links, it can trigger the execution of malicious code or redirect the user to a compromised website. This provides an opportunity for the attacker to establish a hidden communication network and advance to the next stage of the attack.

  • How to Prevent Spear Phishing?

To thwart spear phishing attacks, UM employs several layers of protection, empowering system administrators with enhanced visibility and control over the network. This approach minimizes the risk of targeted attacks and mitigates various attack vectors.

Nonetheless, the most pivotal factor in defense lies in the information security awareness of employees and students. By diligently observing spelling mistakes, peculiar language, and other suspicious indicators in emails, individuals can partially shield themselves against spear phishing attacks.

Reference

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

各位用戶:

  • 何謂魚叉式網路釣魚攻擊?

魚叉式網路釣魚Spear Phishing是專門針對特定對象的網路釣魚(Phishing,其對象通常是某個機構,其最終目標是取得機密資訊,其技巧則包括:假冒他人名義、使用迷人的誘餌、避開安全機制 (如電子郵件過濾及防毒) 等等。

雖然一般的網路釣魚(Phishing)和魚叉式網路釣魚所使用的技巧類似,但兩者之間還是有所差別。兩者的差異在於,一般的網路釣魚(Phishing)相對單純,歹徒一旦偷到受害人的資料 (如網路銀行登入資訊),就算達到目的。但對於魚叉式網路釣魚來說,取得登入資訊或個人資訊通常只是攻擊的開端,這是歹徒進入目標網路的手段,只能算是的跳板而已,實質是針對性攻擊/鎖定目標攻擊(Targeted attack )

  • 魚叉式網路釣魚如何運作?

魚叉式網路釣魚通常鎖定特定個人或某機構的特定員工及其社群媒體帳號 (如機構網站、 Twitter、Facebook 和 LinkedIn),它們會精心製作出很有說服力的電子郵件內容,並且可能在電子郵件當中挾帶可造成感染的附件檔案和連結。一旦開啟檔案或連結,就會執行惡意程式或將使用者導向某個網站。接下來,駭客就能建立其秘密通訊網路,然後朝攻擊的下一階段邁進。

  • 如何防範魚叉式網路釣魚?

為防範網路釣魚,學校已設置了多層次防護,來讓系統管理員確切掌握及掌控網路的狀況,進而降低針對性攻擊的風險,防範各種攻擊途徑。除此之外,更重要的是依賴員工及學生的資訊安全意識懂得觀察郵件內的拼字錯誤、奇怪用詞,以及其他可疑的徵兆,就能預防一定程度的魚叉式網路釣魚。

參考資料

如有任何疑問,請聯絡資訊及通訊科技部服務中心。

服 務 中 心
位置 : 中央教學樓東5座(E5)二樓2085室 (電子地圖)
電話 : 8822 8600
電郵 : icto.helpdesk@um.edu.mo

資訊及通訊科技部

Information Security Tips (September 2023) – Beware of Spear Phishing2023-10-21T00:00:08+08:00
14 2023-09

Important Notice: Beware of phishing emails sent by UM members

2023-10-14T00:00:06+08:00

To: All Users

There has been a recent emergence of phishing emails impersonating university staff members. Hackers are using fraudulent email addresses to send urgent emails to colleagues or students, pretending to need immediate assistance. Their intention is to deceive recipients into responding and then carry out subsequent fraudulent activities, such as money scams or attempts to obtain account passwords.

Figure 1: Desktop Version

Figure 2: Mobile Version

If you have suspicions, try to contact the sender through other reliable means for further verification, such as phone calls or text message.

Please DO NOT RESPOND to this kind of emails or provide any information to the impersonating sender. If you have any further queries, please feel free to contact our Help Desk.

Reference

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

各位用戶:

近日出現假冒大學成員發出的釣魚電郵,黑客透過假冒的電郵地址,向其他同事或學生發出需要緊急協助的電子郵件,企圖騙取收件者回覆,以進行下一步的詐騙活動,如:金錢詐騙、騙取帳戶密碼等。

圖1:桌面版本

圖2:手機版本

遇有懷疑的情況,嘗試使用其他可靠的途徑聯絡寄件者作進一步核實,如:電話、電話短訊等。

請勿回應此類郵件及向假冒的寄件者提供任何資料,如需要協助請聯絡我們的服務中心。

參考資料

服 務 中 心
位置 : 中央教學樓東5座(E5)二樓2085室 (電子地圖)
電話 : 8822 8600
電郵 : icto.helpdesk@um.edu.mo

資訊及通訊科技部

Important Notice: Beware of phishing emails sent by UM members2023-10-14T00:00:06+08:00
13 2023-09

Important Notice: Security vulnerabilities of Google Chrome browser (updated at 13 Sep 2023)

2023-10-13T00:01:05+08:00

To: All Users

As informed by the Cybersecurity Incident Alert and Response Centre (CARIC), Google have recently issued security vulnerability about Chrome browser.  This vulnerability may trigger remote execution of arbitrary code and is widely exploited.

  • Please update to Google Chrome version 116.0.5845.187 (Linux) or later, 116.0.5845.187 (Mac) or later, 116.0.5845.187/.188 (Windows) or later.

For more details, please refer to: https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html

Steps to update Google Chrome browser

  • Open your Google Chrome browser on your desktop.
  • Click the three vertical dots in the upper right corner to open the dropdown menu.
  • Select “Settings“.
  • Click “About Chrome” on the left-hand sidebar.
  • Chrome will automatically check for updates or you can click the button “Update Google Chrome”.
  • Restart the Chrome.

Reference

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

各位用戶:

資訊及通訊科技部接獲網絡安全事故預警及應急中心的通知,Google官方 近日發出有關於 Chrome 瀏覽器的安全漏洞,成功利用此漏洞可能會觸發遠端執行任意程式碼;該漏洞亦正在被廣泛利用。

  • 請更新至 Google Chrome  116.0.5845.187 (Linux) 或之後版本, 116.0.5845.187 (Mac) 或之後版本, 116.0.5845.187/.188 (Windows) 或之後版本

有關詳情可參考:https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html

更新Google Chrome瀏覽器”步驟

  • 在電腦上開啟 Chrome;
  • 按下右上方的 [更多](垂直三點圖示) ;
  • 按下 [設定] ;
  • 在左方菜單,按下[關於 Google Chrome];
  • Chrome瀏覽器會自動進行更新,或可手動按下 [更新 Google Chrome] 進行更新;
  • 重新啟動Chrome瀏覽器。

參考資料

如有任何疑問,請聯絡資訊及通訊科技部服務中心。

服 務 中 心
位置 : 中央教學樓東5座(E5)二樓2085室 (電子地圖)
電話 : 8822 8600
電郵 : icto.helpdesk@um.edu.mo

資訊及通訊科技部

Important Notice: Security vulnerabilities of Google Chrome browser (updated at 13 Sep 2023)2023-10-13T00:01:05+08:00
8 2023-09

Important Notice: Security vulnerabilities of Notepad++ (updated at 8th Sep 2023)

2023-10-08T00:00:07+08:00

To: All Users

As informed by the Cybersecurity Incident Alert and Response Centre (CARIC), multiple security vulnerabilities has been issued about the code editing software Notepad++.  Attackers can use this vulnerability to induce users to open malicious documents to execute the arbitrary code and the related exploited code has been exploded.

  • Please update to Notepad++ V8.5.7 or later.

For more details, please refer to: https://notepad-plus-plus.org/downloads/v8.5.7/

Reference

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

各位用戶:

資訊及通訊科技部接獲網絡安全事故預警及應急中心的通知,著名的程式代碼編輯軟件Notepad++存在多個安全漏洞,攻擊者可透過誘導受害者打開特製的惡意文檔,從而觸發漏洞以執行任意程式碼,而且相關的漏洞利用代碼已被公開。

  • 請更新Notepad++ V8.5.7 或之後版本

有關詳情可參考:https://notepad-plus-plus.org/downloads/v8.5.7/

參考資料

如有任何疑問,請聯絡資訊及通訊科技部服務中心。

服 務 中 心
位置 : 中央教學樓東5座(E5)二樓2085室 (電子地圖)
電話 : 8822 8600
電郵 : icto.helpdesk@um.edu.mo

資訊及通訊科技部

Important Notice: Security vulnerabilities of Notepad++ (updated at 8th Sep 2023)2023-10-08T00:00:07+08:00
29 2023-08

Information Security Tips (August 2023) – Beware of Scammers Exploiting AI Techniques

2023-09-29T00:01:05+08:00

To: All Users

Recently, there have been reports of scammers using artificial intelligence (AI) deep fake technique for fraudulent activities, including creating fake news to promote investment schemes or manipulating videos to impersonate celebrities and deceive victims into participation of false investment activities. It is also possible that scammers may use similar techniques to impersonate your friends or family members during video conferences or voice calls for phishing scams.

There are few steps to protect yourself from phishing scams:

  1. Stay vigilant and calm:
    • Keep composure when dealing with urgent requests, especially those involving financial transactions or investment request. Be particularly cautious if someone claiming to be a “friend” requesting money transfer in the video or audio recording.
  2. Verify identities:
    • When it comes to financial transactions or personal information, always verify the identity of the other party. Confirm the identities of the friends, family, or relevant institutions through independent channels and the authenticity of their requests.
  3. Watch for inconsistencies:
    • Attempt to verify the other party’s identity through casual conversation, as scammers may reveal inconsistencies.
  4. Protect personal information:
    •  Besides personal data, do not provide biometric data such as facial recognition, fingerprints, or voice samples.
  5. Don’t blindly trust online information:
    • This includes messages labeled as “Fact Checked” or “Confirmed.” If you suspect it to be false information, avoid sharing it and consult the relevant authorities for verification.

Although criminals may change their fraudulent methods from time to time, their goal remains the same: to deceive users into revealing their account credentials, personal information, or money. By staying vigilant and remembering to “Stop and Think! Do Fact Check!”, you can protect yourself from phishing scams.

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

各位用戶:

近日有報道指出,有騙徒利用人工智能深度偽造技術進行詐騙活動,包括製作假新聞推廣投資活動,或冒充名人移花接木後製影片,引誘受害人參與虛假投資活動。另外,不排除騙徒還會使用相關技術,冒充您的朋友或家人進行視像會議或語音通話進行釣魚詐騙。

您可以採取以下步驟來保護自己免受釣魚詐騙的威脅:

  1. 保持警覺和冷靜:
    • 處理對方提出的緊急要求時必須保持冷靜,尤其是涉及財務交易或投資的要求。若有所謂「親友」在視訊或錄音中提出匯款要求,要特別警惕。
  2. 驗證身份:
    • 涉及資金交易或個人資料時,務必驗證對方的身份。通過另一獨立的渠道與朋友、家人或相關機構進行聯繫,確認其身份和要求的真實性
  3. 留意破綻:
    • 透過閒聊提問方式嘗試驗證對方身份,騙徒可能會露出破綻。
  4. 保護個人資料:
    • 除一般個人資料外,還有切勿輕易提供人臉、指紋、聲音等生物辨識資料
  5. 不要輕易相信網上資訊:
    • 包括標有「已Fact Check」或「已證實」等標語的消息。如懷疑是假資訊,應避免轉載,並向有關機構查詢。

雖然不法分子會不時改變詐騙方式,但萬變不離其宗,騙徒目的離不開誘騙用戶帳號和密碼、個人資料或金錢,只要用戶時刻保持警覺,謹記「停一停、想一想、查真偽!」,便不會被不法分子有機可乘。

如有任何疑問,請聯絡資訊及通訊科技部服務中心。

服 務 中 心
位置 : 中央教學樓東5座(E5)二樓2085室 (電子地圖)
電話 : 8822 8600
電郵 : icto.helpdesk@um.edu.mo

資訊及通訊科技部

Information Security Tips (August 2023) – Beware of Scammers Exploiting AI Techniques2023-09-29T00:01:05+08:00
23 2023-08

Important Notice: Beware of phishing emails sent by Ministry of Finance

2023-09-23T00:00:06+08:00

To: All Users

As informed by the Cybersecurity Incident Alert and Response Centre (CARIC), some public departments have received counterfeit phishing emails related to “Notice of the Ministry of Finance’s 2023 Individual Labor Application”, which contain links to phishing website attempting to defraud bank card numbers and other information.

  • The title of the email is “Please Check!”, which contains a QR code (Figure 1) linking to phishing website. After scanning the QR code, it will direct you to the phishing website (Figure 2).

    Figure 1: Phishing email content

Figure 2: Phishing website

Suggestions

  • If you received similar email, do not visit the relevant phishing website and delete the email immediately.
  • Do not open suspicious email attachments or links and provides confidential information such as account passwords in suspicious website.
  • If you have received similar emails, please contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

各位用戶:

資訊及通訊科技部接獲網絡安全事故預警及應急中心的通知,近日有公共部門收到假冒「财政部2023年针对个人劳动申领通知」有關的釣魚電郵,當中包含釣魚網站網址連結,企圖騙取銀行卡號碼等資訊。

  • 題述電郵標題為“请查收!”,當中包含一個釣魚網站網址連結的二維碼(圖1),掃瞄該二維碼後會轉移到(圖2)所示的釣魚網站

圖1:釣魚電郵內容

圖2:釣魚網站頁面

建議

  • 倘若收到類似電郵,切勿訪問相關釣魚網站連結,並立即刪除該電郵;
  • 切勿打開可疑的電子郵件附件或連結,以及於可疑網站中輸入帳戶密碼等重要資料 ;
  • 如果曾經接收類似電郵,請聯絡資訊及通訊科技部服務中心

服 務 中 心
位置 : 中央教學樓東5座(E5)二樓2085室 (電子地圖)
電話 : 8822 8600
電郵 : icto.helpdesk@um.edu.mo

資訊及通訊科技部

Important Notice: Beware of phishing emails sent by Ministry of Finance2023-09-23T00:00:06+08:00
21 2023-07

Information Security Tips (July 2023) – How to Dispose Personal IT Device Securely

2023-08-20T00:00:03+08:00

To: All Users

When you are no longer using personal IT devices, such as a computer, smartphone, tablet or external storage device, it is important on how you dispose of it properly. This helps to protect your privacy and security, as well as the environment.

There are few steps you can dispose of your personal IT equipment securely:

  1. Back up your data:
    • Before disposing of your device, make sure to back up all your important data and files. You can use an external hard drive or cloud storage to store your data.
  2. Unsubscribe or unbundle accounts:
    • If there are any subscription services or bundled accounts, you should first unsubscribe or log out of all bundled accounts.
  3. Wipe content from your device:
    • Make sure to wipe your device clean before disposing of it. This means deleting all your personal data and files from the device.
  4. Remove SIM cards and memory cards:
    • If your device has a SIM card or memory card, make sure to remove them before disposing of the device.
  5. Destroy the device (if necessary):
    • If you have sensitive data on your device that you don’t want anyone else to access, you can destroy the device physically.
  6. Recycle the device:
    • Once you confirm your device is wiped, you can recycle it through your local recycling company or organization, such as Direcção dos Serviços de Protecção Ambiental (DSPA) in Macau, which is promoting Electronic and Electrical Equipment Recycling Programme.
  7. Don’t forget those household appliances:
    • Such as TV boxes, TVs or portable game consoles, etc., which may contain credit card and personal information,  make sure to handle them carefully.

No matter how you choose to dispose of your personal IT equipment, make sure to do so in a responsible way.

Reference:
Electronic and Electrical Equipment Recycling Programme (DSPA)
How to Properly Prepare Your PC for Disposal
How to factory reset your iPhone, iPad, or iPod touch
Reset your Android device to factory settings

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

各位用戶:

當您打算丟棄舊的個人資訊設備(例如電腦、智能手機、平板電腦或外置儲存裝置)時,懂得正確的處理步驟是非常重要的。這有助於保護您的隱私和資訊安全,以至保護自然環境。

您可以採取以下步驟來安全地處理舊的個人資訊設備:

  1. 備份數據:
    • 在丟棄設備之前,請確保備份所有重要數據和文件。 您可以使用外部硬盤或雲存儲來存儲數據。
  2. 取消訂閱或解綁帳戶:
    • 如有任何訂閱服務或捆綁帳戶,應先行取消訂閱或登出所有捆綁帳戶
  3. 擦除設備中的內容:
    • 在丟棄設備之前,請務必將設備中的內容擦除。 這意味著從設備中刪除您的所有個人數據和文件。
  4. 取出 SIM 卡和存儲卡:
    • 如果您的設備有 SIM 卡或存儲卡,請務必在丟棄設備之前將其取出
  5. 銷毀設備(如有必要):
    • 如果您的設備上有敏感數據且不希望其他人訪問,您可以銷毀該設備
  6. 回收設備:
    • 一旦確認設備中內容已被清除,您可以通過所在地的回收公司或組織進行回收,例如澳門環境保護局(DSPA),該局正在推廣電子及電器設備回收計劃。
  7. 別忽視一些家居中的設備:
    • 如電視盒、電視或手提遊戲機等,當中可能含有信用卡及個人資料,務必小心處理。

無論您選擇如何處置您的個人資訊設備,請務必以負責任的方式進行。

參考資料
環境保護局 (DSPA)
如何正確準備處置您的電腦
如何將 iPhone、iPad 或 iPod touch 恢復出廠設置
如何將 Android 設備重置為出廠設置

如有任何疑問,請聯絡資訊及通訊科技部服務中心。

服 務 中 心
位置 : 中央教學樓東5座(E5)二樓2085室 (電子地圖)
電話 : 8822 8600
電郵 : icto.helpdesk@um.edu.mo

資訊及通訊科技部

Information Security Tips (July 2023) – How to Dispose Personal IT Device Securely2023-08-20T00:00:03+08:00
© University of Macau
Go to Top