

Data and privacy safety
Find out how to keep your details in the right hands
Keeping your personal data safe may not be the first thing that comes to mind when you're starting uni.
But there are a few things to keep in mind to make sure your information is secure, from your essay due next week to your card details.
How to stay safe
Use strong passwords
You should use strong passwords to keep your accounts and information protected. Protect yourself from someone accessing your account without your permission by:
- Including capital letters, numbers and special characters such as an exclamation mark or hash in your passwords
- Not using the same password for multiple logins
- Pay attention to what websites you're typing your passwords and personal details into
- Using 2-step verification through your mobile where possible
- Using a pin or fingerprint to unlock devices
Back up your data
Whether it's your notes from yesterday's lecture, revision for tomorrow's exam or your final year thesis submission, the last thing you want to do is lose your work.
A stray glass of water can be the end of your laptop and all the work you've saved on it. Storing your data on a cloud-based system like Google Drive lets you access the same info on more than 1 device.
You can also make sure your information is better protected by using encryption. The files you store on Google Drive are automatically encrypted, and you can use FileVault to encrypt all files your keep on your Mac device.
Security software and antivirus
Security and antivirus software is one of the most important ways you can keep your computer protected. Without security and antivirus software, you leave your device open to malware and adware, which can install unwanted software on your browser or computer.
Security and antivirus software can protect you from most malicious software and potential hacking threats. But you still need to be mindful of what you're accessing when online.
Virtual private networks
Using a Virtual Private Network (VPN) is a great way to stay better protected online. It creates a secure, encrypted connection to the internet that masks your device's identity and location. It's handy if you regularly access public wifi networks at coffee shops or use your card online.
To stay secure, make sure you should:
- Use up-to-date antivirus software if you're using a Windows machine
- Install the latest updates on your Mac, which includes security software
- Use a malware scanner to scan your computer for anything your antivirus might have missed
- Always remember that if something looks suspicious, it's best not to click it
Phishing and scam emails
You or someone you know has probably received a random email offering money with no apparent strings attached.
These are phishing emails – emails designed to make you click on them or to enter your personal information. There are loads of these emails around, and not all of them will be automatically filtered out of your inbox and into your junk folder.
However, there have been recent reports that phishing emails relating to academic misconduct have been targeting students’ personal email addresses.
Phishing is a cybercrime in which an attacker tries to gain valuable information by disguising emails, instant messages or other communications as being from a trusted source, such as a friend, family member, workplace or even from the University. Cyber criminals aim to fool you into handing over valuable information such as passwords, PIN numbers and account numbers. They may also demand money from you to release information valuable to you (such as your University work, or photo/video library). Once an individual falls for a phishing scam, usually by clicking on a fraudulent link, hackers will install malicious software or steal personal information from their computer.
The University would only contact you about an academic misconduct issue via your university email account.
Some are more discrete than others, but here are things you can do to check if it's a phishing email.
How to check if an email is a scam:
- Check the sender’s email address - does it look like it’s come from a valid email address of someone you know?
- Check for spelling and grammar errors - most phishing emails contain spelling mistakes and/or bad grammar.
- If you are not expecting the email and there is a link or an attachment, do not click on the link or download the attachment.
- The greeting is probably impersonal, such as 'Dear Student'
Communications with a sense of urgency that ask you to act now, or emails containing links which may not appear to be as they seem, may also be warning signs of a phishing attack. Always remember that emails sent by colleagues, friends and family should be treated with caution, especially if you are not expecting an email from them or if their email contains unexpected attachments. These emails could be coming from a hacked account.
If you've come across a phishing email, don't click on anything in the email or enter any of your details. The best thing you can do if you receive one is to delete it.
If the email is impersonating someone from an official body, such as your university or Student Finance, report the email to an authority. Scam emails about Student Finance should be sent to phishing@slc.co.uk. If you’re unsure, contact the IT Service Desk on +44 (0) 2392 84 77 77 or visit the IT Helpers in Library, Portland, Richmond and Park buildings to ask for help.
Secure banking and online payments
When you're buying something online, be cautious and use the following guidance:
- Check the web address you're purchasing from is legitimate – if it begins with 'https://' and has a padlock symbol then you know it's a more secure site
- Use an online payment service rather than your card when making purchases – there are extra buyer protections and you aren't putting your details into the site directly
- If you can, use thumbprint or mobile verification when making purchases
- Don't log into your accounts or enter card details on public computers or networks without a VPN
Common scams targeting students
Fraudsters often target students, in order to access your money or information. Here are some scams to watch out for:
Tuition fee payments
A third party offers to process your fees and pass their money on to the university. They instead take your cash and don’t pay your fees. You should only pay the University directly through the official ways to pay.
Essay mill blackmailers
Companies offer to write assessments for payment, and then try to blackmail you, threatening to report you to the University. If at any point you need more support with your assessments, contact your lecturers or Personal Tutor for advice, or get help from teams like the Academic Skills Unit. If you’re being threatened with blackmail, seek confidential support from the Students' Union and the University’s Student Wellbeing Service and block any direct communications from contract cheating companies.
Scams aimed at international students
UKVI contact
Someone claiming to be a real organisation such as the Home Office/UKVI or HMRC contact you and tell you that you need to pay a fine because you have broken rules or not followed guidelines. These organisations would not contact you in this way and would not ask you to pay any money to them. The fraudsters may be calling you from what looks like a genuine number. Do not give them any personal information or make any payments to them.
For further information and advice on what to do please visit the UKCISA website or contact the International Student Advice team.