Skip to main content

Information Security

Find the latest advice and policies that help keep us safe online.

Stay safe online

Spam and phishing

Spam is no longer just delivered by email. It’s now much more sophisticated and can appear in SMS, social media and even tools like Google Forms.

Top tips to avoid spam and phishing

  • Check the sender’s full email address. This is usually found in brackets with an ‘@’ next to their display email address.
  • If you recognise the sender but are concerned it’s not them, contact them via another method to check.
  • Fraudulent emails often contain poor grammar and strange phrases. Some may even try to rush or worry you.


Some scams are deliberately targeted at students, taking advantage of current events and things you may be interested in. They can appear as everything from demands for Council Tax to asking to purchase your work.

Top tips to avoid scams

  • Think before parting with your information or money – is this genuine?
  • Don’t give out private information or reply to text messages.
  • Don’t download attachments or click on links in texts/emails you weren’t expecting.
  • It’s ok to reject, refuse or ignore requests - criminals may try to rush or panic you.

Identity theft

How to spot it and what to do on the Information Commissioner's Office.

Protect your devices


  • Keep your anti-virus software up to date and run regular scans.
  • Do your updates when prompted – they often contain security fixes.

Working in public

  • Keep an eye on your devices and ensure nobody can see your screen.
  • Set up a PIN or fingerprint or facial ID lock.
  • Find useful tips on

USB devices

Avoid using USB devices wherever possible. If using one is essential, only plug it into a trusted computer and always virus scan the USB.

Mobile devices

  • Do your updates.
  • Password-protect and encrypt your mobile devices.
  • Never store un-encrypted passwords on them.
  • Check out tips for securing Android and iPhones.

IT Network and Acceptable Use Policy

The IT Network and Acceptable Use Policy outlines how you can protect your device and the University network.

You should read the policy before accessing the UAL network on your own device.


Follow our best practice:

  • Use more than 8 characters.
  • Choose a combination of letters, numbers and characters and/or a passphrase.
  • Use different passwords for different websites.
  • Do not use your UAL password for any other websites.
  • If offered, use a second method of logging in e.g. verify by SMS code or email.

Social media

Don’t overshare! Hackers can use information you share online to build a profile of you.


After growing in recent years, several laws can now be applied to cases of cyberbullying and online harassment.

Get support

Anti-bullying alliance have useful tips and tools if you're being bullied or threatened.

More advice