Staff portal logo
Show/Hide navigation
Mobile search categories

Are you "phishing" aware?

08 March 2021

Message from Stuart Brown, Director of Digital Technology Services, about 'phishing'

Over the past two years we have been running a series of simulated “phishing” exercises to highlight the very real risks posed to the integrity of the University’s IT systems, infrastructure and data.

“Phishing” is a fraudulent practice involving e-mails sent from apparently legitimate sources seeking to induce individuals to reveal personal information. Every year, these become increasingly more convincing and sophisticated which is why we have to continue to raise awareness and run phishing test exercises randomly throughout the year.

Our most recent exercise involved the circulation of a spoofed University e-mail claiming to be from the Promotions Team and offering incentives to the first 150 colleagues to login using their Windows credentials. On this occasion 817 colleagues clicked on the link provided, and 540 proceeded to enter their credentials. Furthermore, some colleagues have repeatedly (i.e. on at least 3 occasions) clicked on fraudulent links and in some cases also provided personal data.

This is very disappointing and illustrates a worrying increase in the number of colleagues who appear to be oblivious to, or have a disregard for, the risks involved.

The University’s Audit Committee and the University Executive Board have expressed concern and have urged that further action is now taken to ensure that these risks are fully understood.

Those colleagues who have repeatedly fallen foul of the phishing exercises have now been written to individually and are required to take additional awareness training. The UEB have also instructed that in future further failures to comply are to be treated as disciplinary matters.

All colleagues, if they haven’t done so already, should access the guidance available via the DTS website.

It is worth reflecting that falling foul of these internal exercises might suggest that you are equally likely to be the victim of scamming in your personal life, which of course could have serious consequences.

If you require assistance in understanding this matter direct, advice and guidance can be obtained from the DTS Service Desk.

Loading additional items please wait....
How can we improve this page?