Nowadays, many websites and applications require users to register with an email address to access their services. This practice has become common, as it provides a convenient way for users to create accounts, receive notifications, and manage their interactions with various platforms. However, it is crucial to distinguish between personal and business email accounts. Using staff email for non-work-related registrations can increase risks of brute force attack on PolyU NetID with potential impact on the university's branding if a PolyU mailbox is compromised.
Here are the security concerns of using staff email for non-work-related purposes:
Security Risks: Using staff email for non-work-related activities can expose our university to security risks. Websites and applications may not have robust security protection mechanisms in place, which could make it easier for hackers to gain information about the staff email account.
Password Reuse Risks: Using the same username and password for multiple platforms and services can pose a significant risk. A password leak could potentially compromise all associated accounts and services.
Data Privacy: Many websites and applications collect personal data. Using a working email for these services can unintentionally share your information with third parties.
Reputation Risk: If a staff email is used inappropriately or becomes associated with spam or malicious activities, it can damage the reputation of both the individual and the university.
Increased Spam: Registering for non-work-related services using a PolyU email may lead to an increase in spam messages in your office mailbox, filling up your inbox and making it hard to find important work-related messages. Additionally, cyber attackers may use your email as the sender display name to fake and gain trust from other PolyU recipients, resulting in PolyU colleagues falling prey to online scams.
If you need further information or assistance, please contact the IT HelpCentre (Tel: 2766 5900, WhatsApp / WeChat: 6577 9669) or reach out to us via the IT Online ServiceDesk.
