The recent cyber-attacks are becoming more fierce and sophisticated. We keep receiving phishing emails. Some phishing emails masqueraded themselves as good as legitimate emails and are targeted at our users. Please always beware of these phishing emails and do not respond to those emails which purposely asking for your personal information, banking credential and other information.

To help you protect yourself against phishing, we offer some tips below:

#1 Avoid clicking on links in a suspicious email
Clicking on these links could direct you to malicious websites or phishing sites, please inspect the destination page before clicking on them by hovering over the link with your mouse pointer and looking at the destination URL. If the URL of the link does not match with the description of the link, it might be leading you to a phishing site.

#2 Do not open or save attachments from unknown senders
Spam and phishing emails often contain malicious attachments in plain sight or covertly hidden in zip/rar archives. Unless you confirm the content of the attachment is what you are looking for, please do not open or save the attachments.

#3 Avoid sending your password and account information in an email
Do not send your account information via email and avoid filling out form in an email that asks for your confidential information. ICTO will NOT ask you for such information through email or web page.

#4 Check the sender’s email address 
Check the “From” field to see if the email appears to come from a legitimate company.

#5 Keep your operating system and anti-virus software up to date
To ensure your computer is protected against the latest threats, including viruses and spyware.

#6 Regularly check your online accounts and bank statements
To ensure there are no unauthorized transactions made.

#7 Backup your data on a regular basis
Backup is the best practice to protect yourself against data loss. Please perform regular backup to store a copy of your computer data in the cloud and the other on an offline physical media, such as a portable hard-disk drive.

#8 If you have any doubt on the received email, check with ICTO
If you are doubtful about the authenticity of the email, please check directly with us.

The emails shown below are some known phishing emails received recently:

What remedies should be taken if you have responded to a phishing email
If you have responded to a phishing email, please change your password as soon as possible by visiting ICTO Account Information Page:

Please note that if your account is already in use of hacker, ICTO will disable your account temporarily and provide assistance to you as soon as possible, thus to minimize the damage.

Report the related phishing emails
In order to prevent disclosure of account password and further spread of phishing emails, if you receive a suspicious email and you are not sure about it, please forward the suspicious email to or call the ICTO Help Desk at 8822 8600. ICTO will try any possible method to intercept the phishing emails from the campus systems and inform our user as soon as possible, so as to prevent others from being attacked by the phishing emails.