4 May 2018
Staff and student simulated phishing attack
Earlier this week, IT Services carried out a simulated phishing attack against staff and students at the University.
Staff will have received an email appearing to come from Human Resources notifying them that there was an error in the calculation of their previous pay slip, and students will have received an email appearing to come from the University Grant Department advising them that they had been awarded a grant.
As this was a simulated attack no action is required and you do not therefore need to be concerned.
The exercise was designed to raise awareness and test the University’s preparedness in the event of a widespread phishing attack, and a number of people were phished by it.
If you were phished you are not in any trouble as a consequence and no action will follow. IT Services will use the information captured from this exercise to consider changes to training, information and systems that may need to happen.
Vipin Ahlawat, Director of IT Services said: “Both within the University and in the wider world, phishing is a real problem affecting many services. We hope that this exercise has been helpful in raising awareness of how easily attacks can occur and how convincingly genuine they can appear to be. We apologise for any inconvenience or concern this email may have caused but hope you can understand why this exercise was important to conduct.”