X Close

Risky Business


Tips and tricks for securing information


Navigating QR Code Security in a Contactless World

By Peter Andrews-Briscoe, on 30 October 2023

In the digital age, QR codes have emerged as a convenient tool for quickly accessing information with just a scan – whether it’s viewing a restaurant’s menu, connecting to Wi-Fi, or making a quick payment. Since the world went contactless over the pandemic, many of us will have had experiences of using them. Yet QR codes can just as easily be used by scammers for hostile purposes. These attacks can be simple enough, consisting of placing a QR code in a public place, such as on posters advertising products or placed in seemingly random areas to pique your curiosity. Instead, though, the code will direct you to a malicious link. 

So what makes QR code scams so effective? 

  1. Curiosity: An intriguing QR code left in a public place can easily attract someone’s attention, either by presenting itself as an advertisement, or placed without any context to pique someone’s curiosity. 
  1. Unassuming: Unlike traditional phishing emails or messages, QR codes are faceless. A person can easily have seen enough phishing emails to know how to spot one, but QR codes are a far newer phenomenon, and give away far less information on the surface. This can also make them appear less threatening, not having enough details to arouse suspicion. 
  1. Immediacy: Scanning a QR code takes mere seconds, giving individuals less time to think critically about the action they’re taking. 

Fortunately, there are ways to safeguard yourself against QR code scams: 

  1. Be Sceptical: Always think twice before scanning a QR code from an unknown source. Even from a source that seems safe (such as a QR code on a parking meter) can be a fake code placed over the real one. 
  1. Preview the Link: Some smartphones and QR code reader apps offer a feature that allows you to preview the URL before it opens. You can use it to see if the link looks suspicious, which should help you determine if it’s malicious or not. 
  1. Keep Software Updated: Always ensure your mobile operating system and security software are up-to-date, as updates often include fixes for newly discovered vulnerabilities, making your device more resistant to any malware. 
  1. Report Suspicious Codes: If you encounter a suspicious QR code, report it to local authorities to prevent others from falling victim to the scam. 

QR codes have simplified many aspects of our life, but as with any technology, they come with risks. By being vigilant and taking appropriate precautions, you can enjoy the benefits of QR codes without falling prey to the hidden dangers. 



Cyber Security Awareness Month – Week Four

By Daniela Cooper, on 24 October 2023

It’s the fourth and final week of Cyber Security Awareness Month. This week is all about updating your software. It’s an easy one to forget or to put at the bottom of your To Do list, but it’s an important one as it provides an easy gateway for malicious attackers to get in and compromise your computer. Don’t forget to enter the week four quiz for your last chance to win a £25 Amazon voucher.

Software Updates

  • Tip: If you connect it, protect it. Outsmart cyber criminals by regularly updating your software.
  • Any device that connects to the internet is vulnerable to risks. The best defence is to keep device security software, web browsers, operating systems and applications up to date. Turn on auto-updates!
  • All those update alerts from your software are important to install! Not only do they fix things that might be buggy, but they also patch up any security flaws.
  • Pay attention to software update alerts and set your software to auto-update–it’s an easy way to keep things safe. Set it and forget it!
  • Outsmart cyber threats! Hackers are always looking for vulnerabilities to exploit. Stay ahead by enabling automatic software updates. Stay safe, stay updated!
  • The power of timely updates! Automatic software updates work silently to protect your devices. Say goodbye to outdated software and embrace the power of the latest features, enhanced performance, and tightened security.


Recap of topics covered in this Cyber Security Awareness Month – 4 simple ways to keep your online life more secure:

  1. Use strong passwords and download a password manager
  2. Turn on multi-factor authentication
  3. Recognise and report phishing and
  4. Update your software. 

Cybersecurity is everyone’s job – including yours. We all have a role to play in keeping our interconnected world safer and more resilient for everyone.


Remember to complete your CybSafe training

A quick reminder that if you haven’t completed your CybSafe training, please do so here:


The training can now also be found on InsideUCL: https://app.ucl.ac.uk/InsideUCL/

CybSafe contains a wealth of knowledge including a news feed, a knowledge base and the ability to share videos with friends and family.


Week Four Quiz

Be in with a chance to win a £25 Amazon voucher by answering the question below:

Q: What four things do you need to keep up-to-date?

Please send your entries to isg@ucl.ac.uk with the subject line: CSAM Week Four. The quiz is only open to UCL staff and students who enter using their UCL email address.


For more information on how to protect yourself, your friends and your family see: https://staysafeonline.org

Cyber Security Awareness Month – Week Three

By Daniela Cooper, on 17 October 2023

Passwords and Password Managers

It’s week three already! This week is all about passwords and password managers and how important it is to take care to create strong passwords and use password managers to help you store them securely. Also, don’t forget to enter the week three quiz to be in with a chance to win a £25 Amazon voucher.

  • Did you know the average person has more than 100 passwords at any given time? Here’s an easy tip: a Password Manager can help you create strong, unique passwords for each account.
  • No matter the account, all passwords should be created with these 3 words in mind: Long, Unique (never reuse passwords) and Complex (a combination of upper- and lower-case letters, numbers, and special characters).
  • What are some of the advantages of a password manager? They…
    • Save time
    • Generate strong passwords
    • Identify weak passwords
  • Organize your ever-growing list of online accounts with a password manager. They can manage all your online credentials like usernames and passwords, storing them in a safe, encrypted database and generating new ones when needed.
  • Lock it up! Strong passwords are your first line of defense against cyber threats. Don’t settle for weak combinations. Create unique and complex passwords for each account and consider using a password manager for added convenience and security.
  • Avoid common password pitfalls! Hackers love easy targets, so don’t make it easy for them. Say no to password123 or QWERTY. Opt for unique and complex passwords – let a password manager do the heavy lifting for you. It’s time to level up your security.


Reminder to complete CybSafe training

A quick reminder that if you haven’t completed your CybSafe training, please do so here:


The training can now also be found on InsideUCL: https://app.ucl.ac.uk/InsideUCL/


Week Three Quiz

Be in with a chance to win a £25 Amazon voucher by answering the question below:

Q: What three words should you keep in mind when creating passwords?

Please send your entries to isg@ucl.ac.uk with the subject line: CSAM Week Three. The quiz is only open to UCL staff and students who enter using their UCL email address.


For more information on how to protect yourself, your friends and your family see: https://staysafeonline.org

Cyber Security Awareness Month – Week Two

By Daniela Cooper, on 10 October 2023

Week Two: Phishing

The topic for week two is Phishing! I know this feels like a topic that we are always banging on about, but there is a reason for that, it’s such an easy way for an attacker to get in and it’s such an easy thing for us to overlook when we’re feeling tired or overwhelmed with our workload. So at the risk of boring you with a topic you may already be familiar with, please know that we all need a reminder of what to look out for, accidentally clicking on a phishing email could happen to any of us! Oh and don’t forget to enter our week two quiz to win a £25 Amazon voucher.

  • Reporting a scam helps warn others against cyber incidents. Don’t hesitate to call out phishing attempts.
  • Most cyber incidents start with a phish. To stop it, report it. For UCL email accounts please report to phish@ucl.ac.uk.
  • Tips for Spotting a Phishing Attempt:
    • 1) They create a sense of urgency or claim to need help.
    • 2) A promise of reward.
    • 3) Suspicious sender – often the address sending the email will not look right, or might try to mimic a well-known company address, perhaps with a few typos or extra characters. 
    • 4) They ask for personal or financial info.
    • 5) They want you to download a file or click on a link. Don’t take the bait!
  • Think before you click! Phishing emails disguise themselves as harmless messages, but they’re dangerous digital piranhas swimming in your inbox. Stay vigilant, spot the signs, and report suspicious emails. Together, we can stay safe!
  • Don’t get hooked! Phishing emails are sneaky bait trying to reel you in. Learn how to spot and report them.
  • Your inbox is your fortress! Phishing emails try to breach your defenses, but you can outsmart them. Learn the telltale signs of phishing, such as misspellings, suspicious attachments, or urgent requests, and report those fraudulent messages. Protect yourself and others!


Reminder to complete CybSafe training

A quick reminder that if you haven’t completed your CybSafe training, please do so here:


The training can now also be found on InsideUCL: https://app.ucl.ac.uk/InsideUCL/


Week Two Quiz

Be in with a chance to win a £25 Amazon voucher by answering the question below:

Q: For UCL email accounts, what email address should be used for reporting phishing emails?

Please send your entries to isg@ucl.ac.uk with the subject line: CSAM Week Two. The quiz is only open to UCL staff and students who enter using their UCL email address.


For more information on how to protect yourself, your friends and your family see: https://staysafeonline.org

Cyber Security Awareness Month 2023

By Daniela Cooper, on 3 October 2023

Week One – Multifactor Authentication

With Summer feeling like a lifetime ago, it’s already October, which can only mean another Cyber Security Awareness Month. We will also be running the weekly quiz to win a £25 Amazon voucher so read on to enter and be in with a chance to win.

This year the topics are based on Cyber Security Behaviours and are as follows:

  • Multifactor Authentication
  • Phishing
  • Passwords and Password Managers
  • Software Updates

There is nothing new about these topics and there is a reason why they are always repeated, they are four fairly simple behaviours that when implemented really help to protect you.


Multifactor Authentication

  • Make it harder for cybercriminals to compromise your accounts by enabling multifactor authentication.
  • Multifactor authentication adds an extra layer of protection to your accounts, making it harder for hackers to get in. Stay one step ahead and lock them out.
  • Where should you use MFA?
  1. On accounts with your financial info like banks and online stores
  2. On accounts with personal info, like social media and healthcare apps
  3. On accounts with info you use for work

In summary: Use MFA everywhere!

  • Passwords are the frontline gatekeepers of your online kingdom! But why settle for one line of defence when you can have two? Multifactor authentication doubles the security, making your accounts much more fortified. Keep the cyber criminals at bay!


Reminder to complete CybSafe training

A quick reminder that if you haven’t completed your CybSafe training, please do so here:



Week One Quiz

Be in with a chance to win a £25 Amazon voucher by answering the question below:

Q: What are the frontline gatekeepers of your online kingdom?

Please send your entries to isg@ucl.ac.uk with the subject line: CSAM Week One.


For more information on how to protect yourself, your friends and your family see: https://staysafeonline.org

Are you interested in becoming a Security Champion?

By Daniela Cooper, on 21 September 2023

Did you know that over 80% of data breaches are caused by Human error? With so many emails and so much data to send and process, it can be easy to mistakenly send an email to the wrong person which is the cause of many data breaches. It’s just as easy to click on a link without considering whether it came from a safe sender, or to not see the signs of a spoofed email that appears as if it’s from a colleague.

Increasing awareness of these issues and others like them can be one of the most effective ways to promote defence against cyber attacks and to reduce data breaches. For this reason, at UCL we are recruiting Security Champions who will help us with promoting awareness, as well as providing us with a link to all the different faculties and departments within UCL.

What is a Security Champion?

A Security Champion is someone who works within their department in order to promote cyber security awareness. This is done in a variety of ways, including distributing messages, content and reminders locally to their department.

In order to prepare for this role, a Security Champion is given a briefing from the Information Security Group and the Data Protection team so that they can familiarise themselves with the available resources, objectives and themes of the programme. Following this they can introduce themselves to their department in their new role and outline their plans. Throughout the role, periodic training and briefings are provided  to ensure that they can stay up to date on available content and resources.

As part of the ongoing role, Security Champions are expected to:

  • Attend meetings within their departments to promote security and raise any discovered issues.
  • Deliver messages and other content throughout the term as friendly reminders to remain vigilant against suspicious communications.
  • Attend Security Champions network meetings with other departments in order to report back, share ideas and receive updates.

If this sounds like something you would be interested in, then please contact us at ISG via our email address: isg@ucl.ac.uk. Please be aware that this role is expected to take up approximately one day  per term. At present, this role is for staff only.

How to distinguish between real and phishing bill payments

By Peter Andrews-Briscoe, on 20 June 2023

One of the key dangers in the world of cybersecurity are phishing emails. Even with all the defensive tools available, it’s easy for any person to slip up and click on a file or a link by accident. In this post, we’ll talk about a particular kind of phishing we’ve recently seen an increase in: hiding malware in fake financial documents. 

How to spot a phishing email 

Attached below is an example of one of these phishing emails we have had reported to us recently: 

Looking at this, there are a few details that would indicate it’s phishing to someone who knows what to look for. 

Firstly, the email is addressed to “Customer” – quite often, phishing emails will use generic greetings such as this, as they’ll send the same email to hundreds of people or more. However, it should be noted that not all phishing emails use this tactic, and many will be more personalised in their attacks. 

Secondly, the email is vague about what it is about, besides the fact it is related to a payment. This has the effect of making the recipient more curious, and therefore more likely to click on the malicious file. On top of this, by keeping it vague, fewer people who receive it will dismiss it as unrelated to them. 

On top of these, there are quite a few markers as well that might distinguish a message as phishing: 

  1. A sense of urgency and fear – a phishing email may try to make you feel rushed or suggest that you may be in trouble. This is so that you don’t have the time to wonder if it might be legitimate. 
  2. A promise of reward – often, emails will get people to click on their links with a promise of reward, such as claiming they have won the lottery. 
  3. Suspicious sender – often the address sending the email will not look right, or might try to mimic a well-known company address, perhaps with a few typos or extra characters. 
  4. Typos – legitimate, professional emails, especially those concerning financial transactions, will be proofread carefully by the company sending them. Too many typos can be a sign of phishing. 
  5. Suspicious web links – alongside attachments, phishing emails may include links that take you to harmful sites. These can often be made to look like legitimate links, so always be sure to hover over the link to see where it is taking you before clicking on it. 
  6. Asking for information – phishing emails will often ask for information that no legitimate email would ask for, such as usernames or passwords. 

How to protect yourself from phishing 

  1. Verify the sender – if you receive an email from a company regarding a payment that you’re not confident in, be sure to contact the company to verify this. You should contact them via a trusted number or email, rather than responding to the email directly. 
  2. Don’t open URLs or suspicious attachments – don’t open attachments or links in an email you have doubts about. You can send it to ISG at isg@ucl.ac.uk for help determining if an attachment or link is malicious. 
  3. Keep your computer’s operating system, antivirus and applications up to date – this will increase the chances of catching any malware if it gets on to the computer, and updating the operating system will reduce the number of vulnerabilities the malware will be able to exploit. 

Remember, staying safe online is a continuous process that requires ongoing vigilance – it is better to be safe and report any suspicious emails to ISG (isg@ucl.ac.uk) than to accidentally fall victim to a phishing email. 

Keep it private; ensuring privacy while recording

By Peter Andrews-Briscoe, on 2 June 2023

In this age of digital work, it is easy to see the benefits of having recordings, especially for an educational institute such as UCL; it allows students to return to materials in their own time, researchers to keep records of any interviews, and lets staff save any meetings they find important. However, it is important to be aware of some of the security issues that come with recordings, so that you can get the most benefit out of them for the least amount of risk; we recently had some privacy concerns raised around the use of recordings. 

The heart of the issue were the worries that either a recording might go on too long and capture something personal when people have forgotten they’re being recorded, and the concern that someone might be able to see a recording of a private meeting. Consider a student discussing academic worries to their lecturer after a lecture whilst Lecturecast is still recording, or someone accidentally getting access to the full Teams recording of a disciplinary hearing when they were only meant to be witnesses. 

In light of these concerns, ISG would like to remind all staff, students, and lecturers the importance of ensuring that all recordings are used responsibly and securely. It is crucial to protect the privacy of our staff and students, and we hope that by remaining aware of these issues, we can avoid making any mistakes. 

To help reduce the likelihood of an incident happening, when you are recording for a lecture, make a habit to stop a recording immediately after the lecture has ended. Before having a conversation that may include sensitive information, try to find a more private spot to talk; if this is not possible, then make completely sure no recording is taking place. When recording a teams meeting, remember that everyone in the meeting will have access to the recording; if someone was only there for part of the meeting, and should not have access to the full recording, remember to remove them from the meeting chat before the end of the meeting so they won’t have access to the recording or the transcript. You should also check who has access to the recording, and make sure that only people who need access have it. 

We wish to remind all of the need to remain vigilant around the privacy of our staff and students – we hope by keeping these practices in mind, we can prevent any occurrences from happening. 

New PayPal scam

By Peter Andrews-Briscoe, on 15 December 2022

Recently, we have had seen a new kind of spam email being reported to us that is done over PayPal. These are messages from service@paypal.com (a legitimate PayPal address) but with a message about account activity that often involves large sums of money, telling you to phone a number if you do not recognise the activity. Here is an example of what this might look like: 


The name, number, amount of money and what the “purchase details” will change from request to request. However, despite coming from a real PayPal email address, the message itself will be a scam. The phone number will be the scammer’s number, who will then try to gather more information on you.  

Unfortunately, we can’t block these phishing attempts, as the phishing happens over the PayPal website. As such, please forward these emails on to phishing@paypal.com so they can investigate the account further. 


How to distinguish between a real PayPal request and a fraudulent one 

In general, if you receive an email from PayPal to your address that is not connected to a PayPal account, even if it comes from a legitimate PayPal address, this is almost certainly spam (unless you were expecting someone to request money from you). If your address is related to a PayPal account, you can still easily pick up on the signs that mark this out as a scam: notice how this is a money request from someone rather than a notification, and that it’s the person sending the request who has left the note. On top of that, you should always look up the phone number before phoning it back, and only phone the numbers on the PayPal website. 

Suspicious Software

By Peter Andrews-Briscoe, on 13 December 2022

When looking for software to download, it is important to remain aware of the threats that we might encounter. Today I’ll be talking about a type of threat that can quite easily trip up any user if they’re not paying attention: malware.

What is malware?

Malware (malicious software) is software designed to cause disruptions, steal passwords and data, explore your files, gain unauthorised access to systems and other behaviours an attacker wants.

There are various types of malware: for example, some of the most common ones are adware (that spams your searches with a great number of unsolicited adverts), viruses (which try to maliciously alter your files whilst spreading throughout your systems), and ransomware (which encrypts your data and holds it ransom). However, the important thing to know about malware is how to keep it off your systems. Malware is often used with the end goal of financial gain, although it can also be used for other reasons, such as the stealing of personal or corporate data or maybe something as simple as causing an annoyance.

How to choose the safest software?

In the media, hackers are often imagined spending hours looking for vulnerabilities in a computer system to exploit. However, most of the time the greatest vulnerabilities come from simply people making mistakes – often, these mistakes are easy to fix or prevent if you know what they are.

The simplest rule to remember is when you’re downloading and installing software, do so from the official vendor’s website and use the latest version. This will ensure the software has been patched and has not been tampered with. If an update is available for the software, make sure this is installed as soon as possible.

Make sure you’re downloading the correct software, too – if you’re trying to download Zoom, malicious actors might set up an app called “Zoon” to trick someone not paying close attention. One thing to look out for is SEO poisoning, where malware is hosted on a site that looks legitimate and is designed to be in the top few results – make sure you double check where even a top site is sending you. If you wish to make completely sure that a site is not malicious, scan the link in one of the sites listed here: https://decentsecurity.com/#/malware-web-and-phishing-investigation/.

The UCL Software Database (https://swdb.ucl.ac.uk/) offers legitimate copies of software available to staff and students. The availability tab for each software should indicate who it is available to, where you can access it from (for download on a personal device, available on Desktop@UCL Anywhere, teaching rooms, standalone devices, etc), if it is free to download or the purchase of a license is required. The download tab will show a link to the download as well as the system requirements and installation documentation.

If you are unsure about whether to use any software, contact ISG at isg@ucl.ac.uk to advise if it is safe before you download it.

How to avoid malware?

Here are some more general tips for avoiding malware across the internet

  • Only open attachments or click on links in emails from people you know and if in doubt, contact them using an alternative method such as a phone number or an official contact email address and query if the email you’ve received is genuine.
  • Another tip would be to hover over a link and check if the destination matches the one shown in the status (usually located at the bottom left of the browser window).
  • Always check the extensions of the files you are opening, and make sure they line up with what you think you’re opening (don’t open a file you think is a PDF if it has a .html extension)
  • Keep your operating system, antivirus software and applications up to date. This won’t necessarily stop the malware being downloaded, but could mean that they’re detected sooner, and the malware may not work if the vulnerability they are trying to exploit has already been fixed with an update. You can explore what antivirus UCL uses here: https://swdb.ucl.ac.uk/package/view/id/166?filter=f-secure.

How to detect malware?

Inevitably, mistakes are bound to happen, and no matter how careful you are, there is always a chance that malware will get on your machine. However, it is vital that you know how to detect and remove malware from your devices as soon as possible, otherwise it could develop into something more serious.

Often, you don’t need a technical solution to become suspicious that your computer might have malware – you might notice that:

  • Your computer is running a lot slower than usual
  • Ads and popups are showing up more than they used to, and in places they shouldn’t be (such as government websites)
  • Your default home browser or default search engine has changed without you having changed it
  • Your device won’t let you uninstall software

If any of these are the case, you might want to run an antivirus scan to check to see if there is any malware installed on your device and contact ISG.

How to remove malware?

If you have determined that your device is infected with malware, please do the following as soon as possible:

  • Contact ISG immediately at isg@ucl.ac.uk or phone us at (0)20 7679 7338 so we can investigate further
  • Do not log into anything online, including banking, online shopping, or any UCL related accounts, until your device is free of malware
  • Run a scan on your device for malware and uninstall and delete any of the files or software that the scan has picked up as suspicious. Once this is done, you can restart your computer

Once you have done these, you should be free of malware. Remembering to keep your antivirus and operating system up to date and remaining vigilant can solve most malware problems.