In recent times, we all see and hear about more and more cyber attacks. There are many different types of phishing emails and scams on the internet nowadays. And, as cyber criminals become more sophisticated, it’s becoming harder and harder to identify scams. It’s important we’re aware of potential risks, what to look out for and how to protect our accounts.
We take cyber security seriously
Our Information Systems and Governance (ISG) Team work to continuously improve the security of our IT systems in line with best practice, to keep one step ahead of criminals. ISG’s incident handling plans enable them to deal with an incident as swiftly as possible to minimize the impact.
Thank you to everyone who continues to report suspicious looking emails into their MS Society account.
What we’re doing to keep our systems safe
To make sure we’re continuously improving our IT security, we apply best practice tests on our systems as part of our security awareness training process. And this will include emails to our MS Society email accounts, to evaluate and mitigate against risks. This means we can offer additional support and training to those who need it.
We’ll let you know if we're doing a password reset or anything similar which requires you to enter any details. So, if you receive something which appears to come from us without prior warning, assume it’s not genuine, don’t follow any links or enter your details, and report it to the Volunteer Support Team, along with the subject title of the email.
What you can do
It’s great that so many of you deleted and reported the recent suspicious emails; this is exactly correct. If you’re ever in doubt, report the email, and don’t follow any links or enter information.
Some of you were sent a link to complete cyber security training recently. This is intended primarily for our colleagues at this point, as we’ll soon be rolling out volunteer training on data protection and security. However, you’re more than welcome to complete this helpful course, developed by the National Cyber Security Centre, through Talent LMS or by clicking the link here.
We’ll be sending regular updates on cyber security going forward. But, as mentioned above, if you’re in any doubt over an email which looks suspicious, inform the VST. It’s great if you can also let the team know the subject title of the email.
We’ve rolled out Multi Factor Authentication (MFA) with our colleagues, which is a security measure to make sure the person attempting to log in is who they say they are. Each time you log-in a numeric code is sent to your mobile phone which you are then required to enter as proof.
We may also roll this out for volunteers to increase the protection of the personal data you handle for your community and members.
If you have any questions or concerns, please email the Volunteer Support Team or call them on 0300 500 8084 (option 3).