1. Employee News 2023, Issue 33 - Reminder: Be Aware of Cyber Security Threats
  2. Employee News 2023, Issue 33 - Reminder: Be Aware of Cyber Security Threats

Employee News 2023, Issue 33 - Reminder: Be Aware of Cyber Security Threats

Reminder: Be Aware of Cyber Security Threats

The National Cyber Security Centre has once again issued an alert asking organisations to be aware of the potential threat to their ICT systems, from groups who target government, local government and state-led organisations, with destructive and disruptive cyber-attacks.

Organisations, including councils, are being reminded to ensure we take all steps possible to review and strengthen our ICT system defences.

We all have a responsibility to ensure that the Council remains protected from any cyber-attack and should be mindful of the following:

  • All employees should be aware of the risk of cyber-attacks. We should all be particularly alert to the risk from spam and phishing emails.
  • Be aware that although we have a spam filter on our email system, cyber-attackers are always seeking ways to bypass such spam filter software.
  • If you receive any email which you think is suspicious, please DO NOT OPEN IT but forward it immediately to our spam email address: spam@fusemail.com
  • If you open an email and then believe it is suspicious, you must contact ICT IMMEDIATELY on the ICT helpline 0141 578 8888.

It would be helpful to have regular discussions in your teams about cyber security to maintain vigilance and reduce the risk. If you are in any doubt about any email you receive, you must seek advice before you open it. Examples of phishing emails can be found below.

Thank you

Ann Davie
Depute Chief Executive

Two examples of phishing emails seen at the Council:

Example 1

This example was sent to an employee as if it was from our Chief Executive, Gerry Cornes.  While Gerry would never make such a request, the thing to note in this example is the sender email address. 

Advice on this example would be, if you need to clarify with the person sending the email that the request is genuine, do not reply in the email thread. Instead, send an entirely separate email reiterating what was requested and confirming if it is genuine.

Example of a scam email showing Gerry Cornes' name next to a fake email address

Example 2

This was an email notification to a member of our Senior Leadership Team (SLT). This was not sent by anyone at the Council nor from our Microsoft Tenancy. The thing to note is the sender email address - this is not an EDC address.

Example of a scam email notification from an account posing as the East Dunbartonshire Council Support Helpdesk