Gå til hovedinnhold
0
Jump to main content

Cyber Security Month: Those who engage in phishing keep succeeding

UiA is under constant cyber attack - but fortunately most of the attacks are stopped by filters. However, some phishing attempts still get through. The more sophisticated attacks only require a little inattention for the phishing scam to succeed.

By Tor Martin Lien

Published: Thursday 06 October 2022

-

The two-step authentication at login prevents many phishing attempts. Here is a link to the Microsoft Authenticator app, which Chief Information Security Officer Johanne Warberg Lavold recommends we use for two-step login. 

Constant scam attempts

“We regularly get forwarded emails to spam@uia.no from employees or students who are skeptical about strange emails. The IT division checks whether the  content is harmful. We discover many phishing attempts, and we help people who have clicked harmful links”, says Senior Engineer Helge Høynes in the Division of IT.

“If you use two-step login on personal email and social media as well, you lower the risk of being scammed. And remember: Don’t ever approve a two-step login without having the login page in front of you. Especially on the phone, it's so easy to just click”, Lavold says.

 

The video was made by Tone Marie Straume and Mathias Kolsrud Aase at Mediesenteret, UiA (in Norwegian)

Check the link before you click

“Enter the address in the address field of the browser. Do not click on links in emails!” Høynes urges.

This is an example of a scam email, fresh from UiA’s phishing filter. It's easy to fall into the trap!

Phishing-eksempel-1

The cursor rests over the link in the email:

Phishing-eksempel-2

The scam site. Note the address in the address field:

Phishing-eksempel-3

Universities are targeted

Three sectors in particular have been targeted by cyber attacks in the past year, statistics from the Norwegian National Security Authority (NSM) show. These are technology companies, research and development, and public administration bodies. NSM Director General Sofie Nystrøm emphasises that it is very important that businesses in these sectors are particularly vigilant. At the same time, we can learn from the experiences gained in our work ahead, where oil and gas, electronic communications and power industry are examples of targeted sectors.

“The actors behind cyber operations against Norway in the past year have used a wide range of methods ranging from the simple to the very advanced. Preventive security reduces digital risk,” says the NSM Director General.

More tips about phishing:

Cyber security - Norwegian National Security Authority

Norwegian Data Protection Authority

Also check Sikresiden.no and download the app on your mobile.