Since the beginning of the Coronavirus pandemic, we have observed a dramatic and sustained increase in the number of phishing attacks targeting the University.
Research shows that 91% of Cyber Attacks start with a phishing email. While we are continually monitoring threat intelligence and improving our technical defences against specific campaigns, some phishing emails inevitably still make it through.
This is why we rely on you as our last line of defence and urge you to report any phishing emails you receive to the Service Desk or by forwarding to email@example.com.
It starts with a phish…
The impact of successful phishing campaigns can vary widely. The initial goal is most commonly theft of user login details – accomplished by convincing the recipient to click a malicious link. Perpetrators can then use stolen credentials to carry out all manner of criminal activity, depending on their capabilities.
In some cases, they will simply use a compromised account to send more phishing email, usually resulting in the campaign being exposed quickly. Or they may attempt to commit fraud directly against the recipient by impersonating a bank or HMRC.
In extreme cases however, the perpetrator can hold on to a compromised account for long periods, using it to infiltrate other areas within the network. Once inside, they could steal large amounts of sensitive information, or plant extremely dangerous malware such as Ransomware. This type of attack can cause devastating financial and reputational damage to institutions and organisations.
How you can protect yourself and the University
- Please be cautious and do not click on links or open attachments in unsolicited emails.
- Please take time to review our Guidance on Phishing and other IT Security topics in our Toolkit resource at www.abdn.ac.uk/toolkit/skills/it-security/
- If you suspect a breach has occurred, contact the Data Protection Team at firstname.lastname@example.org.
- And if you are still unsure, or if you would like advice, contact the Service Desk by email at email@example.com or via the service portal at https://myit.abdn.ac.uk.
Author: IT Security Team, DDIS