Calgary

University of Calgary goes phishing to school staff on cyber security

Faculty and staff at the University of Calgary might want to be extra careful about opening email attachments next month.

School to send out fake phishing emails in an attempt to educate faculty and staff

The University of Calgary will send out its own fake phishing emails to faculty and staff in the coming months in an attempt to increase awareness about cyber security. (CBC)

Faculty and staff at the University of Calgary might want to be extra careful about opening email attachments next month.

The school plans to send out fake phishing emails to see who will take the bait. 

Linda Dalgetty, the university's vice-president of finance and services, says the idea is meant to educate people about what a phishing email really looks like.

"We're just trying to continue our education program for our faculty and staff, understanding some of the risks and also how they can prevent cyber issues at the university," Dalgetty told the Calgary Eyeopener.

School fell prey to ransomware attack

The University of Calgary has had real problems with cyber security in the past. Last spring, the school fell prey to a ransomware attack and ended up paying $20,000 to get its files unlocked. 

Dalgetty said she's warning staff about the upcoming phishing attempts in the hope that they'll become more vigilant.

"The whole purpose here is to protect our individuals and protect our university systems." 

Dalgetty wouldn't give specific details on what the phishing email will look like, only that it's likely to be something a university would normally do — authenticating a server or updating a password. 

'If you're caught, then you're going to learn'

"It's going to be something that, if you're not vigilant, you might get caught on. But that's the whole point," Dalgetty said. "If you're caught, then you're going to learn."

Once a person is phished, they'll receive more information about how to avoid it in the future. 

Dalgetty said there are a few things staff and faculty can do to protect themselves, including hovering the mouse over the email address to determine if the address is valid, as well as hovering over the link to be sure it's linking to something it's supposed to.

"This is really all about the education," she said. 


With files from the Calgary Eyeopener