Email phishing is a tool frequently used by cyber criminals to try and trick you into revealing sensitive information, or to download malicious content onto your device. Phishing emails are constantly evolving becoming more sophisticated each day; it is important that we understand the warning signs and how to report them at the University.
Identifying a phishing email
When receiving an email in your inbox, always check it before taking any action and ask yourself the following questions:
- Sender – Do I recognise the contact details? Is it from an unknown user or an external account?
- Subject – Is the subject line vague? Have they provided specific details about my request?
- Content – Does the content match the subject line? Are there grammar mistakes or are they offering something that seems too good to be true?
- Links or attachments – Am I expecting an attached document or voicemail? Does the link seem legitimate?
- Signature – Is the signature or sign-off generic? Does it match the sender details?
If something doesn’t seem right and you weren’t expecting this email, the best thing to do is report it.
Reporting a phishing email
If you think you have received a phishing email, you can report it using Microsoft Outlook. By reporting these messages, it allows Microsoft to review the message and improve its filtering as well as sending a copy to iSolutions for an independent review.
Select the ‘Report Message’ button in Microsoft Outlook and use ‘Phishing’ to report the message. More information on how to report phishing emails can be found here.
Further support and advice
- Staff and PGRs, if you haven’t already done so, please ensure you complete the two mandatory cyber security training courses. Please feel free to take the training again if you would like to refresh your cyber security awareness.
- If you do have any cyber security related questions or concerns, please contact ServiceLine who will be able to support you.
- More information can be found on the Cyber Security SharePoint site.
