Computer attacks are becoming increasingly frequent, and higher education establishments are currently being particularly targeted (Paris Saclay – August 2024, Panthéon Sorbonne – October 2024, etc.).
Phishing is the most commonly used technique, consisting of obtaining your personal information, your connection data or inviting you to open an attachment by means of false emails pretending to be from a trusted third party.
In order to raise awareness among all Centrale Lille users, we have developed a tool that can be used to trigger training exercises to help you better detect phishing attempts.
Over the past few weeks, you may have noticed suspicious messages in your inbox. These messages were part of a phishing simulation run by the IT department for all Centrale Lille users.
Analysis of the results shows that Centrale Lille is highly vulnerable to receiving fraudulent emails. 61 people were tricked into either clicking on an attachment, which would have triggered a viral attack, or providing their Centrale Lille network login details, which would have been the starting point for an encryption operation and theft of our data.
We would like to remind you of the importance of remaining vigilant when receiving any email, by keeping in mind 4 essential reflexes when opening an email:
Make sure you recognise the email address. Be careful to read out the sender’s full address and not just rely on the alias that appears for the sender (e.g. an email displayed as coming from Thomas Maurer must include the sender’s address ).
I make sure that the links contained in the email are identifiable. Fraudulent links are generally incomprehensible and long-winded.
I only open an attachment if I am certain of the sender.
If in doubt, I contact the IT department to analyse the email.
We propose to contact the 61 people concerned, who will be contacted individually. The idea of this contact will be to give the person the keys to better recognise the email bombs and, overall, to improve the security of our content and data.
These awareness-raising initiatives will continue throughout 2025 thanks to the Cyber Coach tool from Mailinblack, a recognised player in the field of cybersecurity.
This solution will enable you to benefit from continuous training through realistic simulated attacks.
By immersing you in these immersive situations, we want you to acquire the necessary reflexes to identify and counter computer attacks.
If there is any doubt about the origin of an email, your responsiveness is our strength.
That’s why we’ve introduced a simple procedure for alerting the IT department: ‘redirect’ the suspect email to the mailbox.From Zimbra webmail :
Right-click on the message and choose ‘Redirect’ from the drop-down menu (this is different from ‘Forward’)
Enter the address in the new window and click on ‘OK’.
The PRI team will receive this email with all the relevant information and, if necessary, it will also allow our anti-spam software to learn how to recognise it.
The security of our school is everyone’s business, we’re counting on you, let’s become stronger together!
Contact: