Security
Phishing emails: What to do?
Last week, several FGGA staff members were targeted by phishing emails.
While this is not considered a security incident, it serves as an important reminder of the potential threats that exist. A phishing email is typically harmless on its own, but it should always be reported to ISSC and handled with care.
What is a phishing email?
Phishing emails are sent by impersonators pretending to be someone you know. For example, you might receive a message from “Koen Caminada” that was not sent by Koen himself. The email may come from an address that is somewhat similar to, but clearly not affiliated with, the University.
- Phishing emails impersonate your account or name. For example: koen554@gmail.com
- They may contain a link or an attachment.
- These emails often aim to build a trusted line of communication, so they can later make requests of you, such as access to information or money.
- They are often automatically generated, so they may contain poor grammar or awkward language. For example: “I'm still waiting for your response, please let me know how if you can get them.”
- They are usually short, vague, and lack context. For example: “Where are you? Can we meet?”
What should I do if I receive or become aware of a phishing email?
- Never open any links, attachments, or act on any requests in the email (such as forwarding or sharing information).
- These emails are typically harmless, but they should still be reported. Please report any phishing attempts to the ISSC via the helpdesk. You can find more details on how to do this [here].
- If you're interested, there is also an e-learning module available on different types of email attacks. You can access it through the link above.
When is it dangerous?
- If the email was sent from your legitimate Leiden University email address. This would indicate a hack and a serious security breach.
- If you have accidentally opened an attachment, clicked a link, downloaded a file, or forwarded a phishing email.
If you encounter any of these situations, please contact Cameron Hope (c.a.hope@fgga.leidenuniv.nl) directly and immediately.