Case study: Approach to an early career researcher
One of our junior researchers received an email which appeared to be from a PhD student they had met on a training course. The email asked if they would be prepared to offer some feedback on a conference poster they were preparing on an area of shared interest. Our researcher replied yes.
A PDF of the poster was emailed to our researcher. When opened, it ran a malicious script, which made all of the researcher’s data in their OneDrive accessible to the sender.
This email was not from the PhD student as first thought. On closer look, the email address was not the same, with just a few numbers different, so our researcher missed it. It turns out this was a phishing attempt, from a state sponsored hacker aligned with an unfriendly foreign nation state.
Our research data has significant value to us and to other parties, even if it is not controlled under Export Controls or similar. Foreign actors may seek to exploit new or existing relationships, deploying social engineering and phishing strategies to gain unauthorised access to our people and our research.
When corresponding with someone outside the University and especially with people you do not have an established relationship with, pay close attention to the signs of malicious emails. More advice and guidance about phishing and information security can be found on the IT Services website.