IT security
Unos sencillos hábitos y precauciones mejorarán tu experiencia en internet y la seguridad de tu PC.




More than 80% of emails are spam, which is defined as unwanted e-mails, usually advertising, which are randomly sent to large numbers of users. It is not a direct threat, but it is a serious annoyance for Internet users for the following reasons:

  • Wastes time. Information that is not of interest to the user has to be deleted.
  • It can make you losevaluable information . Some valid emails are classified as spam by some filters, which causes us to lose useful and even vital information.
  • Spam is also used to send different types of viruses or phishing attempts discussed at various points in this document.

To protect you, the UALCloud Email System has numerous antispam measures that automatically reduce the amount of junk mail that arrives in your email inbox. Another way in which to combat spam is prevention. As a user you have to try to prevent your email address from being captured.

  • Do not make your email address public  in forums, chats, newsgroups, etc.
  • Post your address on web pages only when necessary.
  • Ignore the content of messages that appeal to your charity, that warn about dangerous viruses or that indicate that you should forward them to other people (linked emails).
  • Do not reply to spam messages or open links that invite you to obtain more information or to delete yourself from your list of clients; by doing this you are only confirming that your address exists.
  • Do not provide your email on websites unless it is essential.

More information about Spam on Wikipedia, Youtube and OSI (Oficina de Seguridad del Internauta - Office for Internet Security)

Listas de spam



Any message you receive, either by email, or by SMS, or by any other means, which impersonates entities that you trust by requesting personal data or passwords, is known as Phishing.

They can impersonate banks, Public Administrations (Tax Office, Police, ...), the university, the STIC, etc. The purpose is always fraud and bank robbery, sending viruses and spam, computer attacks, theft of personal data and identity theft.

No entity will ask you to enter your username and password in an email, or on a website that opens when you click on a link in an email.
Other clues to identify phishing:

  • Poor spelling and grammar.
  • Generic greeting such as "Dear user" or "Dear customer".

However, even if your name appears in the email and the spelling is good, we insist: never give your username and password if requested by email.

How Phishing works

The email will ask you in one way or another to do any of the following actions:

  • Reply to an email with your personal or bank information, or with your username and password.
  • Click on a link in the email that takes you to a website similar to that of the impersonated entity where you are asked for a username and password.
  • Send an SMS with your username and password.


  • Always your antivirus software is up-to-date.
  • Never open a PDF, DOC or EXE file contained in a suspicious email.
  • Check your bank website for specific information about banking phishing.
  • If the email appears to come from the UAL itself, call the Customer Service Centre.
  • If a suspicious email arrives, delete it.

Remember that if they succeed in tricking you, not only do you put your personal data, your money and your privacy in danger, it also affects the safety of your UAL colleagues. So when you receive an email from the University, keep in mind the following:

  • When STIC communicates with you because your password is going to expire, it will do so from the address
  • You will never be asked for your username or password in an email or SMS.
  • It will address you by your full name.
  • When you are sent an email in which you are asked to change the password, because it expires every month, there will be no link in which to click but you will be asked to connect to the UAL Virtual Campus.
  • The email will be written in correct Spanish.

More information about Spam at Wikipedia, Cajamar, La Caixa and Youtube.

Malware and Spyware


Malicious software (malware) includes viruses, worms, Trojans and in general all types of programs that have been developed to enter computers without the permission of its owner, and produce undesired effects. These effects sometimes occur without us realising it.


A computer virus is a program designed to copy and propagate itself, usually attaching itself to applications, corrupting files and altering the normal functioning of the PC. Infected files are generally executable: .exe, .src, etc. Viruses are executed when the infected file is executed.



They are programs that spread on the PC and through the network making copies of themselves. They do not infect other files, they do not need to alter the programs, but they reside in the memory and duplicate themselves. Worms almost always cause problems in the network propagating through:

  • Email.
  • File sharing networks (P2P).
  • Exploiting a vulnerability.
  • Instant messaging.
  • Chat channels.

Generally, worms use social engineering to encourage the receiving user to open or use a certain file that contains the copy of the worm.



They are executed in a hidden way in the system and give an unauthorised user remote access to the PC. They lack their own spreading routine, they can reach the system in different ways, the most common are:

  • Downloaded by another malware program.
  • Downloaded without the knowledge of the user when visiting a malicious Web page.
  • Within another program that appears to be harmless.

Spyware (spyware) are programs that are used to collect information about a person or company without their knowledge or consent. Spyware is often installed covertly, either when a file is downloaded or by clicking on an advertising window.

Protection measures

Protection measures

1.- Freeze the equipment. Using a program (provided by the Customer Service Centre) we will return the system to how it was on the day of installation every time we restart. If we have freeze software, and a virus enters, when the machine is restarted the virus disappears, because the system returns to the way it was when we installed it.

2.- Always keep the equipment software updated (operating system and programs), for the following reasons: 

  • Fix the vulnerabilities detected.
  • Install new features or improvements to previous versions.

3.- When installing software, read  the conditions in the license agreement carefully, before going ahead. 

4.- When installing new software, exclude unnecessary functions. 

5.- Do not download or install software if it is not from trusted sites. 

6.- Check all files with updated antivirus software before executing them. More information on antivirus software.

7.- Keep your antivirus software updated. 

8.- Disable autorun on devices that connect to the computer. 

9.- Ignore emails from unknown senders (they are social engineering techniques). 

10.- Check documents received from abroad with the antivirus software installed on your computer. Only execute programs with a guarantee of origin and that do not violate intellectual property.

11.- Do not directly execute files attached in emails. It is much safer to extract them to a computer directory and check them with the antivirus software.