A phishing email is a fake email message that claims to be from an organisation you may trust. For example, a bank, government or from the University. A phishing email will often ask you to provide or “verify” personal or account details by clicking on a link or replying to the email.
To help you stay safe, we’ve put together these top tips:
- Check all links within emails before clicking on them
To check a link before clicking on it, hover your mouse over the link. When you hover over the link, you should see the web address appear in a preview box. It may well be different from the visible text that you can see in the email. This can give you a clue that the email is not genuine.
- Never give out your personal information
No legitimate organisation will ask for your personal details by email. For example, a bank would never ask for your bank account, PIN, password or contact details via email. In doubt? Ring the organisation using the phone number advertised on their main website or visit their official webpage instead.
- Do not open attachments from people you don’t know or if you’re not expecting them
Do not open attachments unless you know the person sending them or you are expecting the attachment. Your bank, the government, and reputable companies like the Royal Mail, eBay or Amazon, rarely send attachments.
- Be wary of these common phrases
Watch out for instructions like “verify your account” or “if you don’t respond within xx hours, your account will be closed.”
An example of this would be: Your library account has expired, therefore you must reactivate it immediately or it will be closed automatically. If you intend to use this service in the future, you must take action at once. To reactivate your account, simply visit the following page and login with your library account.
- Look out for spelling mistakes and poor grammar
Read the email carefully. If you spot spelling mistakes or poor grammar, this may be a sign that the message is a phishing email.
- In doubt? Don’t engage with the email: contact us for advice
If you are not sure what to do, don’t do anything. Do not open attachments or follow any links. Get in touch with the CSD Service Desk for advice about whether the email is malicious or not.