On 15 November, an e-mail was sent out to 1100 employees at Lund University. The sender was an address created for this purpose and the message contained information linked to the University's recent change of bank for salary payments. The message contained a link that employees were asked to click on to go to a web page where they were asked to enter their username and password. Both the e-mail and the website were rigged by the external IT security expert.
On 20–22 November, selected Heads of Department at Lund University received a phone call from someone claiming to be from the Finance Department at the University. The call was followed up by an e-mail with a link that they were asked to click on and fill in their details on the website. Both the e-mail and the website were rigged by the external IT security expert.
"We saw that there were many people at the University, both managers and employees, who were vigilant and immediately reacted and acted on the activities. This is very positive," says Jean Odgaard, Head of Audit at Internal Audit.
The Faculty of Medicine was quick to warn about the net sharks on Intramed.
Read more about the audit on Staff Pages.