Following the recent phishing attack, it’s vital that all councillors complete the mandatory cybersecurity training.

What is phishing? Phishing occurs when hackers impersonate trusted sources to trick people into revealing sensitive information, such as passwords or credit card details, or trick them into downloading malicious software. These attacks can compromise devices, steal data, and provide unauthorized access to computer systems.

If successful, they can access council systems, disrupting services like Finance, Planning, Council Tax, IT, and Social Care, and damaging our reputation.

Your next step:

• Please complete the training by 16 January 2026.

• Access the training via the Cybsafe platform.

• On the Cybsafe Welcome screen, select “Log in with Microsoft” (highlighted in red). 

• Please do not use the email address option, as this will create a duplicate account.

• Complete all four short modules (3–5 minutes each).

  • Am I really a target?

  • Focus: Spotting fake emails

  • Browsing securely

  • Passphrases

Why this matters:

• Every phishing breach must be reported to the Information Commissioner’s Office.

• If we cannot show we are taking action, the council could face fines.

How to spot phishing emails:

• Suspicious sender addresses

• Urgent or pressuring language

• Unexpected attachments or links

• Spelling/grammar mistakes

• Requests for personal information

If you suspect or fall victim to phishing:

• Contact the Service Desk immediately: servicedesk@reigate-banstead.gov.uk or 01737 276464.

• Don’t wait for confirmation from the sender - act straight away.

Need help? Email security@reigate-banstead.gov.uk or contact the Service Desk.

Thank you for completing this training and helping keep our council systems secure