Phishing Awareness Campaign 2
YOU HAVE BEEN PHISHED!!
You have been redirected to this web page because the email that you just opened was part of a phishing awareness campaign run by Rotork’s Cybersecurity Team.
Phishing is a cyber attack that attempts to trick the email recipient into believing that the message they have received is something they want, need or that requires an urgent response, for example:-
- A request from your bank
- An update on an unexpected delivery
- A request from a trusted colleague or department within Rotork for information
All with the purpose of getting you to click a link or download a malicious attachment, which can then infect your machine and potentially all of our devices. The Cybersecurity team create these simulations to both test the validity of our training and to further raise the profile of the likelihood of a legitimate phishing attack.
As this was a simulation and although we have detected that you did enter your credentials, please be assured that your account remains secure, your details have not been captured and you do not need to change your password.
In the next few days, you will receive an email from the ‘Global Training and Development team’, providing information on how to retake your phishing training, which is compulsory for anyone who has unfortunately fallen for the phish.
In the meantime, please see the diagram below, which identifies the key indicators that this was a fake email.
- This email is tagged [EXTERNAL], so has therefore NOT originated from within Rotork.
- The email has been sent from John.email@example.com this is NOT a genuine Rotork address.
- There is a tight time limit or sense of urgency in an attempt to cause stress and possibly make you less careful and to action the request immediately.
- If you hover the mouse over the “Rotork Deals” link it will show where it is redirecting you to, which is not a valid Rotork location.
- Is the sender, (who claims to be a Rotork employee) valid? You can check this via “Find an Employee” on Rotork Konnect or from the Outlook Address Book. If the username is valid, does the department match the email signature and/or does it make sense that this employee would send this kind of email. - If in doubt contact the user directly on recognised channels, i.e. do not simply reply to the email, call or email them from the address book.
If you ever receive an email that you are unsure about, please send it to firstname.lastname@example.org where the helpdesk can investigate. The sooner we know about a potential attack, the sooner we can respond and resolve any issues.
Remember:- You Are Our Firewall.