+

Information Security Tips (November 2025) – Protect Yourself from Hotel Booking Scams at Academic Conferences

/in /by

Fraudulent groups often impersonate official conference-designated hotels or booking agents, using fake email domains and fake websites to mislead participants into making payments through unofficial channels. These scams are highly professional and convincing, prompting multiple international conferences and related organizations to issue formal warnings.

I. Known Scam Companies
Reports indicate that some scam companies proactively contact conference participants, claiming to assist with accommodation or travel booking services. Below are confirmed scam companies (including their email addresses or domains), though other cases may exist:

    • Global Travel Team (planning[at]gtravelhosting[dot]com)
    • Global Travel Experts (reservations[at]gtravelexpert[dot]com, bookings[at]g-travelexperts[dot]com)
    • Converia Travel (info[at]converiatravel[dot]com)Please remain vigilant. These scams are often sent via email, particularly targeting speakers or presenters.

II. Common Scam Tactics

    1. Imitating Official Hotel Domains
      Scammers register domains that closely resemble legitimate hotel or booking sites, e.g., forging “booking[dot]com” as “booklng[dot]com,” exploiting minor spelling differences.
    2. Phishing Emails in the Name of the Conference
      They impersonate “official conference booking services” and use fake domains to pressure participants into paying accommodation fees.
    3. Mixing Real and Fake Content to Gain Trust
      Fake websites may redirect you to the real official site, creating the illusion of legitimacy.
    4. Redirecting to Fake Payment Pages
      Emails include payment links leading to poorly regulated third-party platforms, where funds go directly to scammers.

III. Key Self-Protection Measures

  1. Verify Directly with the Conference Organizer
    • Do not reply or click links in any email claiming to be an “official booking service”.
    • Always confirm through official contact details published on the conference website.
    • Check the conference website for announcements about known fraudulent booking agents.
  2. Verify the Payee Before Payment
    • Before entering card details, check the merchant name carefully.
    • If you are paying for Hotel A but the payee shows an unrelated company or individual, it is likely a scam. Stop immediately.

IV. If a suspicious situation has occurred

  1. Contact your bank immediately: If payment has already been made, call the card-issuing bank to request a stop payment.
  2. Report to the police as soon as possible: If you have suffered financial loss or information leakage, file a report and provide evidence (such as emails, payment records, and communication details).

Information Security Tips (September 2025) – Back-to-school season, don’t let hackers enroll too!

/in /by

A phishing email, a weak password, or a careless click on a suspicious link, any of these could become an entry point for hackers.

Let’s start with everyday habits. Each of the following small actions is a crucial step toward protecting campus cybersecurity:

  1. Device Security
    • Regularly update your operating system, browser, software, and apps
    • Install and enable real-time antivirus software, and keep it up to date
    • Only download software and apps from official sources; avoid unknown or pirated versions
  2. Account Management
    • Use strong passwords and avoid easily guessed information like your name, birthdate, or student ID
    • Use different passwords for different platforms and change them regularly
    • Enable two-factor authentication (2FA) to enhance account security
  3. Email & Online Behaviour
    • Do not click on suspicious links or attachments in emails
    • Never share passwords, credit card details, ID numbers, or other sensitive personal information
    • Avoid handling or transmitting confidential data when using public WiFi or shared computers
  4. Social Media & Personal Data Protection
    • Do not share sensitive personal information (such as your address, student ID, or ID photos) on social media
    • Adjust privacy settings to limit access to your personal information by strangers
    • Think before you post: Could this post reveal too much about me?

Cybersecurity is not just about preventing data leaks, it’s about protecting our academic achievements, research data, personal privacy, and mutual trust.

Let’s work together to build a safe, secure, and trustworthy digital campus environment.

Information Security Tips (July 2025) – Handling Confidential Information and Mass Emails

/in /by
  1. Handling Confidential Information
    • Protect Confidential Data: When dealing with confidential information, use strong passwords and encryption tools, especially when data needs to be taken off-campus.
    • Delete Immediately: After processing confidential data, delete any copies immediately to minimize the risk of data leakage.
    • Avoid Public Networks: Never process or transmit confidential data over public Wi-Fi networks or shared computers.
  2. Handling Mass Emails
    • Check Before Sending:
      • Carefully verify recipients, content, and attachments before sending emails, especially to third parties, as emails cannot be retracted once sent.
      • Use “Blind Carbon Copy (Bcc)” to protect recipients’ privacy and prevent unnecessary email replies caused by “Reply All”.
    • Clear Subject Line: Use a clear and specific subject line to help recipients distinguish legitimate emails from spam or phishing attempts.
  3. Other Tips
    • Account Security: Enable two-factor authentication (2FA) for accounts used to handle confidential data, and use strong, unique passwords.
    • Device Protection: Use biometric authentication (e.g., fingerprint or facial recognition) to secure your devices.
    • System Updates: Regularly update your operating system, browser, and software to patch security vulnerabilities. Enable real-time antivirus protection and perform regular scans.

Information Security Tips (May 2025) – How to Prevent AI Deepfake Scams?

/in /by

Deepfakes refer to audio or video content that has been digitally manipulated using AI (Artificial Intelligence) deep learning to convincingly imitate a person’s face, voice, or behavior. While this technology has legitimate applications, it is increasingly being exploited by scammers to impersonate individuals—such as corporate executives during video calls—to deceive others and commit fraud. These scams can lead to financial loss, reputational damage, or misinformation, and similar cases have already occurred in Macau.

5 Tips to Protect Yourself from Deepfake Scams:

  1. Stay Alert:
    • Always be cautious of videos and audio you receive online. Seeing is not believing. Treat unexpected or suspicious content with skepticism.
  2. Verify Through Multiple Sources:
    • Check if the information is reported by other reliable sources, such as official channels or reputable news outlets. If it comes from only one source, it may be fabricated.
  3. Watch for Irregularities:
    • Even though deepfakes are becoming more realistic, there are still telltale signs.
      • Facial expressions or lip-syncing that don’t match the audio
      • Unnatural movements or gestures
      • Unusual voice pitch or inconsistent tone
      • Skin tone or lighting that looks off or unnatural
        These can all indicate manipulated media.
  4. Be Extra Cautious with Money Requests:
    • If you receive urgent instructions to transfer money—especially from a supposed boss or family member—pause and verify their identity directly, preferably through another channel like a phone call.
  5. Hang up on unknown video/voice invitations:
    • If you receive a call or video conference invitation from an unknown number, especially if the caller claims an identity but you can’t immediately verify it, hang up immediately to avoid falling into a Deepfake scam. If the person continues to harass you or makes you feel uncomfortable, consider blocking that number/user account to protect yourself.

Deepfake technology poses real threats, but with awareness and careful verification, you can protect yourself. If you suspect you’ve encountered a deepfake scam, report it to the police or seek assistance immediately.

Information Security Tips (Mar 2025) – Importance of Using Passwords with Reasonable Length and Complexity

/in /by

In today’s digital world, our online accounts hold a vast amount of personal and professional information. Protecting this information is crucial, and one of the most effective methods is to use passwords with reasonable length and complexity. This approach can increase the difficulty for hackers to crack your passwords. In general standard, passwords are recommended to have at least 8 characters long, preferably 15 characters, and consider including uppercase and lowercase letters, numbers, and special characters.

Tips for Setting Passwords:

  1. Set Strong Passwords:
    • Passwords should have a specific length and complexity, or use long, easy-to-remember passphrases that are difficult for others to guess.
  2. Avoid Using Personal Information:
    • Do not use information that is easy for others to guess, such as your name, birthdate, pet’s name, or common words.
  3. Avoid Reusing Passwords:
    • Do not reuse the same password across multiple accounts. If one account is compromised, all other accounts using the same username and password are at risk.
  4. Enable Two-Factor Authentication (2FA):
    • Whenever possible, enable 2FA service to add an extra layer of security.
  5. Regularly Check Account and Password Safety:
    • It is recommended to regularly check the safety of your accounts and passwords, and change them promptly if you suspect they have been compromised.

By following these tips and developing the habit of using passwords with reasonable length and complexity, you can protect the security of your accounts and information.

Information Security Tips (Jan 2025) – Protecting Campus Information Security

/in /by

Information security is essential for protecting our personal data and the university’s confidential information. We need to work together to ensure our data and privacy are not threatened. Here are some security tips to help everyone to maintain campus information security:

  1. Protect Information Security:
    • Do not engage in or attempt any actions that could harm the information security of any network, information, or communication systems or facilities within or outside the university.
  2. Maintain Security Measures:
    • Do not disable, interfere with, or remove security measures of information and communication systems or facilities on campus without authorization.
  3. Use Software Legally:
    • Ensure all software is legally obtained and has the necessary licenses. Unauthorized software should be removed immediately.
  4. Ensure Authorized Access:
    • Use authorized accounts to access any computer systems within or outside the campus. Do not use unauthorized accounts or impersonate others.
  5. Follow Account and Password Guidelines:
    • Keep passwords secure, do not write them down where others can easily access or see them, change them regularly, use strong passwords, and enable two-factor authentication for added protection.
  6. Comply with University Policies and Macau Laws:

Please be reminded that any illegal actions, whether intentional or unintentional, will lead to serious consequences for both individuals and the university, and result in legal liability.

Information Security Tips (Nov 2024) – Protect Personal Online Privacy

/in /by

In today’s digital era, protecting your online privacy is more important than ever. Whether you are a student or staff, understanding potential privacy risks and taking proactive steps can help to protect your personal information. Here are some practical tips:

  1. Limit Information Sharing: 
    • Only provide necessary information online or on social media. Avoid sharing sensitive information like ID number or phone number.
  2. Be Cautious while using Public Wi-Fi:
    • Avoid using public Wi-Fi to process personal or sensitive data. If necessary, use a Virtual Private Network (VPN) to encrypt the Internet connection.
  3. Review Privacy Settings:
    • Regularly check and update the privacy settings of your social media accounts and other online services to control who can access your information.
  4. Use a Secondary Email Address for Sign-Ups:
    • Use a secondary email address for any online services, subscriptions, and newsletters, in order to avoid spam or promotional emails cluttering the primary mailbox.
  5. Beware of Phishing Scams:
    • Verify sender’s email address and avoid clicking on suspicious links or downloading attachments from unknown sources.

By following the above tips, you can significantly enhance your online privacy and protect your personal information from potential threats.

Information Security Tips (Sep 2024) – Protect Personal Data to Avoid Identity Theft

/in /by

In today’s digital age, protection of personal data is becoming more important. Identity theft can lead to financial loss, reputational damage, and even legal liability. Therefore, we must take appropriate measures to protect personal data and avoid identity theft. At the same time, it is equally important to protect others’ identities to prevent yourself and others from unnecessary losses and troubles. Here are some effective tips:

  1. Encrypt data and timely erase unused data:
  2. Transmit and share data carefully:
    • Before sending/replying/forwarding an email, please review the recipients’ email addresses, email content, attachments and ensure they are correct. Besides, when you share the data through computer systems, please check if the system permissions are set correctly.
  3. Enable 2FA and use strong passwords:
    • Use Two-Factor Authentication (2FA) and strong passwords, and set different passwords for different accounts.
  4. Update systems and enable anti-virus software:
    • Keep operating systems, browsers, and software updated, enable real-time protection, and regularly scan with anti-virus software.
  5. Be cautious when using public WiFi and computers:
    • Please assume that public WiFi and computers are not secure. Avoid handling personal data or conducting banking transactions when connecting to public networks or using public computers.

Moreover, beware of phishing scams. Not only money, personal data is also one of the targets of the scammers. Please be vigilant.

Information Security Tips (July 2024) – Important Tips for Ensuring Travel Safety

/in /by

No matter where we are, cybersecurity is an important issue that cannot be ignored.

Here are some cybersecurity tips:

  1. Update the software on your mobile devices, including antivirus software, as these updates often contain security fixes.
  2. Use strong passwords and avoid using passwords that are easy to guess.
  3. Enable multi-factor authentication services to protect your accounts.
  4. Backup your data completely before travel.
  5. Enable anti-theft and remote data destruction features on your mobile devices.
  6. Disable automatic Wi-Fi and Bluetooth connections on your mobile devices.
  7. Be cautious when using public Wi-Fi or public computer, avoid entering passwords or confidential information on these systems.
  8. If you need to access UM internal information through public Wi-Fi, please use a VPN.
  9. Be aware of your surroundings and pay attention to where and how you use your devices.
  10. Protect your mobile devices, never leave them in public places, and enable encryption features, including USB or external storage devices.

Please be reminded that online safety is just as important as physical safety when you are out. Let’s make cybersecurity a habit in your daily lives, stay safe, protect yourself and have a joyful trip!

Information Security Tips (May 2024) – Security Considerations When Using Public AI

/in /by

Artificial intelligence (AI) platforms provide users with a variety of powerful tools and services that can help them to accomplish a variety of tasks, from data analysis to machine learning. However, there are some security risks to be aware of when using public AI platforms.

Below are some security tips to protect your data and privacy:

  1. Choose a reputable platform: Choose a platform with good reputation and research its security and compliance record.
  2. Understand the platform’s privacy policy: Read the platform’s privacy policy before using it. Understand how the platform collects, uses and shares your data.
  3. Be careful of what you share: Only share the data you need to complete your tasks. Avoid sharing any sensitive, confidential data, unpublished work information or research results.
  4. Use strong passwords and enable two-factor authentication: Create strong passwords for your accounts and enable two-factor authentication.
  5. Beware of phishing and scams: Do not click on suspicious links or enter your account information on unverified websites.
  6. Keep your software up to date: Keep your operating system and AI platform software up to date.
  7. Report suspicious activity: If you notice any suspicious activity, report it to the AI platform’s support team immediately.

By following these security tips, you can help protect your data and privacy while using public AI platforms. If you need further information on “AI privacy” and “Data Anonymization Processing”,  you can refer to the relevant information published by the Personal Data Protection Bureau (PDPB): https://www.dspdp.gov.mo/en/references_detail/article/kzw3p0kz.html