What is phishing?
Phishing is when a cybercriminal uses email to trick you into giving them private information or taking a dangerous action. The consequences of falling for a phishing email can be catastrophic.
Stay alert to phishing by looking out for these warning signs:
- Inspect the subject line, time of the request and content. If a message is enticing, was sent at an unusual time, the content is unrelated to the subject or puts you under pressure to act, it may be dangerous.
- Think about the origin of the message. Confirm the request with the relevant person or institution you know via a verified contact method like a phone call.
- Links and attachments are the easiest way for cybercriminals to send malicious software. By not clicking, you foil their attempts.
Trust your intuition. Stop and think.
Take a breather before reacting or giving in to the request, and report any messages that do not seem legitimate to phishing@lboro.ac.uk.
Thank you to those who reported the simulated phishing email, please continue to report any suspicious emails you encounter. These exercises are designed to strengthen the University’s security, not to catch anyone out.
Those who clicked on and responded to the simulated phishing email will have been made aware of the exercise and enrolled on a concise phishing training package on the Information Security Training platform: KnowBe4. Colleagues who clicked on the link, but did not engage further will receive a follow-up email soon detailing the warning signs present in the simulated phishing email.
More information on phishing and staying safe and secure online can be found on the IT Services webpages.