Phishing Email - What To Look For
The internet has decided: if you’re writing a guide about phishing emails, there has to be a pun or two involved.
Before we get caught up with phishing puns, here is the serious message:
Phishing emails attempt to trick you into providing personal and sensitive information, often by pretending to be from a source you trust.
IT Services receive numerous reports of phishing scams, and the potential impact of providing your University of Suffolk username and password can be damaging. Learning how to identify phishing emails is important in protecting the data we are all responsible for, both at work and at home.
IT Services will continue the trend with…
Here are some characteristics that phishing emails often contain:
- Generic greetings – Dear User, Dear Client
- Poor spelling and grammar – Please click below to unlock your Message and account continual usage, it takes few seconds
- A sense of urgency – Your email password has been stolen, click the link immediately or your account will be disabled
- An attachment they want you to open – Your revised pay slip is attached
- Embedded links – You think it’s a link to somewhere genuine, but if you hover the mouse pointer over it, the actual link is going somewhere else. Have a go here: GENUINE SITE I PROMISE
Alert the IT Service Desk
If you’ve received an email you know is phishing, or you think it is and want to check, forward it as an attachment to email@example.com
Don’t assume we’ve already been made aware - we would rather receive duplicate reports of a phishing email than none at all. The earlier we know about it, the sooner we can take steps to limit its impact across the university.
We’ll usually announce serious phishing attacks on MySuffolk or through our IT Service Desk social media pages. Follow us on Twitter.
Inform us if you’ve made a mistake
Mistakes happen – if you’ve unintentionally provided your account details after clicking a link in a phishing email, please contact the IT Service Desk immediately.
You’ll need to change your password, so it’s important you’ve set up your security profile on the password reset portal.
There are a number of resources to learn more about protecting your data, and organisations that actively encourage you to report phishing emails for analysis.
To start with, click on the below link to view a short Lynda.com video on avoiding phishing scams:
The Action Fraud website provides further advice and has a regularly updated section on the latest scam emails to look out for. You can also use the site to report phishing attempts not directly related to your University of Suffolk account.
Please see this info-graphic provided by ActionFraud UK:
Click the button below to see advice from our Email Security provider, Symantec:
Although we cannot stop all spam from reaching you, our email servers are contantly working to prevent spam being delivered. You may receive the below emails from time to time, these inform you that our spam filter has successfully blocked a malicious email. There is no need to worry about these emails and can just be discarded if you don't want it in your inbox.
From 1st August 2016 to 1st August 2017, our email security systems blocked the following: