Current Students and Staff

// University News

Security awareness: Upcoming simulated phishing campaign for staff

Universities continue to be targeted by online criminals and nation states, seeking either financial gain or access to intellectual property. Cyber-attacks and major data breaches have caused widespread, sustained disruption at many other UK universities.

In most of these incidents, the attackers have gained initial entry to systems through phishing campaigns, where increasingly convincing, fraudulent emails are used to capture passwords or other sensitive information from staff or students.  

Considering the current risk level, the University has asked IT Services to conduct regular phishing awareness exercises for all staff, with the next exercise due to take place in the coming months. 

This exercise will be in the form of a simulated phishing email, designed to raise awareness of some of the clues that an email may be a phishing attack and not a genuine correspondence. 

If you click on and respond to the simulated phishing email, there will be no punitive repercussions. You will be told straight away what has happened and receive a request by email to complete a concise phishing training package on the Information Security Training platform: KnowBe4. 

Please remain vigilant for the signs of a phishing email, including: 

  • Messages from senders or email addresses that you do not recognise 
  • Messages containing links to websites that ask for passwords or other sensitive information, or to websites with addresses that you do not recognise

More information on phishing and staying safe and secure online can be found on the IT Services webpages. 

Categories