More cases of phishing — pay attention
There’s a lot of talk about phishing or phishing. How can you see that it’s a suspicious message that you've received? We asked some questions to Eva Rodin Svantesson and Kenth Näsström at the Infrastructure Department, who works with information and IT security issues.
— Some things you can think about are: Does the sender address match? In recent years, fraudsters have become more proficient in language and text content, so it is important to pay attention to other details, such as the sender address. Hold your mouse over and be accurate, often similar domains are used for phishing attacks, such as faktura@blockett.se instead of faktura@blocket.se.
Are the links correct? The hyperlinks in the email should be checked in the same way as the sender address. Hover with the mouse pointer above them and you can see the link address in plain text. Link addresses can be both long and complicated, but it is often possible to assess the credibility. Does the link to a legitimate website go or do you not recognise the address at all?
What can happen if you happen to click on such a link?
— The purpose of phishing attacks is to lure sensitive information such as user data, passwords, account details, credit card information, etc. to access money, sensitive information or the organisation’s operating system. So if you disclose your information or click on an unknown link, it may happen.
Why is it important that I as an employee become aware of this?
— Practically the only (and best) protection against phishing is that you recognise phishing messages that pop up in your emails. Then you can actively avoid and delete the message (never do what they ask you to do and do not click on any link)
If you accidentally click, contact Helpdesk and do nothing more with your computer.
How do we work at Mid Sweden University to protect ourselves from this?
— We have a number of systems (including firewall, FortiClient) that to some extent protect us from phishing. For you as an employee, there are a number of courses to take part in, and then we try to raise awareness through recurring information on the employee pages.
Have phishing attempts increased since the war in Ukraine started?
— Yes, we can see that attempts have increased and that is happening in all organisations. But it’s hard to determine who is responsible for a phishing attempt and where that person comes from.
Learn more about information security
