MyEDC

    Employee News 2023, Issue 16 - Be alert to Cyber Security

    Back

    Section

    Be Aware - Cyber Security Threats

    The National Cyber Security Centre has issued an alert to organisations, asking them to be aware of the potential threat to their ICT systems from groups who target government and state-led organisations, potentially including local government, with destructive and disruptive cyber-attacks.

    Organisations, including councils, are asked to ensure we take all steps possible to review and strengthen our ICT system defences.

    All employees have a responsibility to ensure that the Council remains protected from any cyber-attack and should be mindful of the following:

    • All employees should be aware of the risk of cyber-attacks. We should all be particularly alert to the risk from spam and phishing emails.
    • Be aware that although we have a spam filter on our email system, cyber-attackers are always seeking ways to bypass such spam filter software.
    • If you receive any email which you think is suspicious, please DO NOT OPEN IT but forward it to our spam email address:

    spam@fusemail.com

    • If you open an email and then believe it is suspicious, you must contact ICT IMMEDIATELY on the ICT helpline 0141 578 8888.

    It would be helpful to have regular discussions in your teams about cyber security. If you are in any doubt about any email you receive, you must seek advice before you open it. Examples of phishing emails can be found below.

    Thank you

    Ann Davie
    Depute Chief Executive

    Here are two of the most recent examples of phishing emails seen at the Council:

    Example 1

    This example was sent to an employee as if it was from our Chief Executive, Gerry Cornes. While Gerry would never make such a request, the thing to note in this example is the sender email address. 

    Advice on this example would be, if you need to clarify with the person sending the email that the request is genuine, do not reply in the email thread. Instead, send an entirely separate email reiterating what was requested and confirming if it is genuine.

    Phishing email send to council employee asking a member of staff to buy a voucher

    Example 2

    This was an email notification to a member of SMT. This was not sent by anyone at the Council nor from our Microsoft Tenancy. The thing to note is the sender email address - this is not an EDC address.

    example of phishing email asking employee to update their password

     

    Related News

    Fairytales come true in Milton of Campsie

    a group of people stand round a wooden statue of a fairy

    No time to lose … just potential funding if organisations don’t apply!

    pink piggy bank

    Six of the best! Provost’s Community Champions Announced

    Graphic of people celebrating with the word 'winners' in gold text above them
    All news & events