Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.
Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting public.
The Information Security Awareness campaigns are an ongoing effort to increase and improve the online security and saftey of KAUST employees. The following information might have alerted you that it was a phishing attempt: the email was sent from outside KAUST, specifically from IThelpdesk@web-accessalerts.com, which of course is not a KAUST-owned website.
This campaign is a good reminder for us all in the KAUST community to not be as forthcoming in providing their personal details to suspect online sources. In the latest campaign an email was sent out to 3,448 staff members, of those 986 clicked on the link, while only 222 provided their credentials.
Although you are advised to change your password regularly, please note that your password was not captured or stored by Information Security during this campaign.
Congratulations to Mr. Asad Khan, who was selected at random from among other reporters of the scare as the ‘Phishing champion’. Asad won an iPod for his diligence.
For further information on phishing email the IT Helpdesk or call 808-0900.
For details on how to avoid being phished, please click here.