Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Seven in ten UK unis admit being duped by phishing attacks

Not so smart now, eh?

Seven in ten UK universities have admitted falling victim to a phishing attack in which an individual has been tricked into disclosing personal details via an email purporting to be from a trusted source.

The figure comes from a Freedom of Information (FoI) request by Duo Security to 70 universities across the UK, of which 51 responded. Seven universities, including those with GCHQ-certified degree courses – Oxford and Cranfield University – reported they had been targeted more than 50 times in the 12 months prior to November 2016.

The findings, released Wednesday, follow a recent warning from Action Fraud, the UK's fraud and cybercrime reporting centre, about a phishing scam specifically targeting UK university staff. The bogus email claims the recipient is due for a pay increase, before directing them to click on a link and enter financial details and university logins.

Henry Seddon, vice president EMEA for Duo Security, commented: "The challenge is that phishing attacks are increasingly sophisticated – a targeted spear phishing attack can be particularly difficult to spot – but they can ultimately compromise the security of the entire network. They open the doors to hackers, with stolen credentials, to access an organisation's system virtually undetected, posing as an authorised user. Worryingly, phishing is now the most popular way of delivering ransomware on to an organisation's network."

More details on the FOI – alongside advice on avoiding phishing attacks – can be found in a blog post by Duo Security here. ®

 

Similar topics

TIP US OFF

Send us news


Other stories you might like