7 October 2022

Your lecture starts in 5 minutes. While you’re preparing for the meeting, a mail arrives from the ISSC. If you want your mail to keep working, you’ll need to increase the memory of your mailbox – immediately. They say it’ll only take two minutes of your time. As you’ll need that one mail later in your lecture, you click on the link. You’re directed to a web page that asks you to log in with your ULCN account. After you’ve done so and the stress has subsided a little, the realisation dawns. It was a phishing mail and you’ve entered your account details. What now?

Preventing cyber incidents

Last week we explained how to report a potential incident. Prevention is better than cure, though, which is why it’s important to be alert and learn from incidents. But how can you prevent a cyber incident?

1. First check, then click! Check the email first. You can identify a phishing mail from: bad grammar, asking you to log in or prompting you to do something quickly.
2. Also check the sender’s email address. Who is the sender? And does their email address look suspicious?
3. Unsure whether a link is reliable? There are a number of link-checker websites available. These allow you to copy in a suspect link and find out if it is legitimate.
4. If you are still in doubt, report it to the ISSC Helpdesk via tel. 071 527 8888 or helpdesk@issc.leidenuniv.nl.

Case study

• Students warned of student loan phishing scam

A safe digital environment is everyone’s responsibility. During the annual European Cybersecurity Month in October we’re therefore sharing weekly tips on how to be cyber safe at work.