University of Reading cookie policy

We use cookies on to improve your experience, monitor site performance and tailor content to you.

Read our cookie policy to find out how to manage your cookie settings.


Simulated Phishing emails

The University periodically sends simulated phishing emails to employees to see how they react upon receipt of a scam or phishing email i.e. if malicious domains are flagged, if users spot social engineering, and know not to enable macros or unexpected files. These phishing vulnerability assessments help us to evaluate our security posture and identify key areas to help protect the university from future (genuine) attacks.  

May 2022 Phishing Campaign

Between Tuesday May 24th and Tuesday May 31st 2022, the Cyber Security team in DTS ran a phishing campaign. 7829 emails were sent out to all staff (with an active Microsoft 365 account) on Tuesday 24th, and the phishing website was kept open until the following Tuesday.

Learning actions

Phishing campaigns are not designed to catch you out, we want everyone to learn how to spot one! The takeaway messages from this campaign are:


For security purposes, the results are on a separate page only accessible using your UoR sign on: DTS Cyber Security: May 2022 Phishing campaign results and analysis. Do not share this information outside of the University.


Digital Skills training (UoR Learn, search for digital skills - security)

Avoid Phishing scams (LinkedIn Learning, video, 8mins)

Cyber Security Awareness - Phishing (LinkedIn Learning, video, 1h)

What to do with a suspect email?

If you've received an email that you think is suspicious report to DTS straight away.

Do not be tempted to click on any links or open any attachments in the email.