10 October 2022

Your Teams meeting starts in 5 minutes. While you’re preparing for the meeting, a mail arrives from the ISSC. If you want your mail to keep working, you’ll need to increase the memory of your mailbox – immediately. They say it’ll only take two minutes of your time. As you’ll need that one mail later in the meeting, you click on the link. You’re directed to a web page that asks you to log in with your work account. After you’ve done so and the stress has subsided a little, the realisation dawns. It was a phishing mail and you’ve entered your account details. What now?

Preventing cyber incidents

Last week we explained how to report a potential incident. Prevention is better than cure, though, which is why it’s important to be alert and learn from incidents. But how can you prevent a cyber incident?

1. First check, then click. Check an email first. You can identify a phishing from: bad grammar, asking you to log in or prompting you to do something quickly.
2. Also check the sender’s email address. Who is the sender? And does their email address look suspicious? 
3. If you are unsure about whether a link is reliable, go to checkjelinkje.nl. You can check your link there for known phishing links.
4. If you are still in doubt, report it to the Helpdesk. You can do so through the helpdesk.universiteitleiden.nl portal or by emailing helpdesk@issc.universiteitleiden.nl.

A safe digital environment is everyone’s responsibility. During the annual European Cybersecurity Month in October we’re therefore sharing weekly tips on how to be cyber safe at work.