KAUST Awareness Program – July Phishing Campaign: Expat Fees, Attachment
Two weeks ago, the Information Security team ran a phishing campaign to raise awareness about the dangers of phishing.
Phishing is defined as the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.
Communications purporting to be from popular social web sites, auction sites, banks, government entities, online payment processors or IT administrators are commonly used to lure unsuspecting public.
The Information Security Awareness campaigns are an ongoing effort to increase and improve the online security and saftey of KAUST employees, as per the Human Firewall Procedure. The following information might have alerted you that it was a phishing attempt: the email was sent from outside KAUST, specifically from KSA.Reg@urgent.facilities-information.com, which is not a KAUST-owned website. In addition, the ‘KSA Regulations Authority’ is not an actual entity.
This campaign is a good reminder for us all in the KAUST community to not be as forthcoming in opening attachments that come from external emails. In the latest campaign an email was sent out to 3,642 community members, of those only 436 opened the attachment. See the graph below:
We would like to congratulate the following individuals, who were the fastest reporters for this phishing campaign:
- Morne J. Du Toit & Luis A. Barreiro Goiriz, 36 seconds
- Daryl M. Grenz, 1 minute 6 seconds
- Mohammed Jahangir Shaikh & Deanna A. Lacoste, 1 minute 13 seconds
If you have any questions, please contact us at: askinfosec@kaust.edu.sa.
Good luck!