Cybersecurity month: Beware of phishing mails
Your Teams meeting starts in 5 minutes. While you’re preparing for the meeting, a mail arrives from the ISSC. If you want your mail to keep working, you’ll need to increase the memory of your mailbox – immediately. They say it’ll only take two minutes of your time. As you’ll need that one mail later in the meeting, you click on the link. You’re directed to a web page that asks you to log in with your work account. After you’ve done so and the stress has subsided a little, the realisation dawns. It was a phishing mail and you’ve entered your account details. What now?
Preventing cyber incidents
Last week we explained how to report a potential incident. Prevention is better than cure, though, which is why it’s important to be alert and learn from incidents. But how can you prevent a cyber incident?
- First check, then click. Check an email first. You can identify a phishing from: bad grammar, asking you to log in or prompting you to do something quickly.
- Also check the sender’s email address. Who is the sender? And does their email address look suspicious?
- If you are unsure about whether a link is reliable, go to checkjelinkje.nl. You can check your link there for known phishing links.
- If you are still in doubt, report it to the Helpdesk. You can do so through the helpdesk.universiteitleiden.nl portal or by emailing firstname.lastname@example.org.
A safe digital environment is everyone’s responsibility. During the annual European Cybersecurity Month in October we’re therefore sharing weekly tips on how to be cyber safe at work.