This summer, the IT department's identity management team, the mail team and the Computer Security Team rolled out additional measures to protect your account and your mailbox. While 2-factor authentication ("T2U4U2FA") and malware-quarantining ("Fighting spam - the Boss Level") are definitely intended to provide better protection to you, you are not yet off the hook: Attackers are on the prowl to continue luring you into clicking malicious links, QR codes, SMSes, or opening intoxicated attachments.
You might recall some of the malicious emails from the past, bad QR codes and SMSes, which attempted to social engineer our colleagues into transferring money, or which succeeded breaking into CERN computing accounts and produce fake invoices ─ where, fortunately, no damage happened. We ─ you! ─ are target. And the damage can be substantial: sabotaging accelerator operations and accelerator control systems under "your" supervision, manipulating data with "your" analysis jobs, mis-managing IT services via "your" administrator rights, redirecting money using "your" credentials, transferring personal data protected by "your" password, or tearing CERN into the dirt through "your" social media channels… The list is much longer. Just be imaginative what the malicious evil ─ given lots of time for reconnaissance and information gathering, an objective to do harm or for financial gain, and immense perseverance and all necessary resources to reach that goal ─ can do once it has access to your CERN computing account or to your computer. Think of the services and systems, data & documents your computer can access; think of the power and privileges your account has; think of your work and what can go wrong if this work is performed by a maliciously evil attacker; and then think of the consequences for CERN, its operations and reputation. You got the picture: One wrong click on one malicious link in a webpage/email/WhatsApp message/Instagram feed/SMS, one wrong scan of a malicious QR code, and the lights go off for CERN. Boom! For much longer than repairing a bellow.
Hence, this is why we ask you again and over again to "STOP ─ THINK ─ DON'T CLICK" before accessing a link. And today we ask again, as we are still being requested to "de-quarantine" emails, i.e. to deliver emails which our SPAM filtering system has blocked, emails which have been detected to surely be malicious*. We can and must do better! "STOP ─ THINK ─ DON'T CLICK": Do you know the sender of the link? Do you expect a message from her/him? Do its contents relate to you, your life or your work? Is it written in a language you understand? Do you trust the corresponding website, the URL the link points to?
