The Information Security team have noted a significant increase in the number of successful phishing attempts targeting the University, where phishing links are being clicked or fraudulent emails are being responded to.
The advent of AI tools has made attackers more effective, allowing them to craft high quality, well formatted emails without the grammatical and language errors that were common in the past.
Similar technical advances in phishing techniques can now allow attackers to access your account with one click, without the requirement for you to enter your password on a phishing site. Not only does this make the process quicker, but it can also allow attackers to bypass Multi Factor authentication by stealing your entire login session and using it elsewhere.
Phishing remains the main starting point of most cyber-attacks, which can lead to major reputational damage and financial losses.
Remember, Information Security is a shared responsibility. These technical advances mean we must be more vigilant than ever.
What to look out for
- Verify the sender: Always double-check the email address and domain name of the sender to ensure it matches legitimate sources.
- Think Before You Click: If you were not expecting the email, verify the authenticity of the request with the sender through a separate communication channel. Even emails from known previous contacts can be malicious because the sender’s mailbox may be compromised.
- Urgent or threatening language: If the sender is trying to create a sense of urgency or panic, they may be trying to trick you into acting without thinking.
Report Phishing:
If you receive a phishing email, please report it immediately.
Instructions on how to spot and report a phishing email here:
https://www.abdn.ac.uk/staffnet/working-here/it-services/security.php#panel7228
Thank you to all those who already report phishing regularly.
Mandatory Training
For staff and PGRs; Please also ensure you have completed your Mandatory awareness training. This is required annually.
More information on training here:
https://www.abdn.ac.uk/staffnet/working-here/it-services/security.php#panel2858
Information Security Policies:
The Information Security and acceptable use policies have recently been reviewed. Please ensure that you familiarise yourself with the content, available here:
https://www.abdn.ac.uk/staffnet/working-here/it-services/security.php