ILS Self-Help logo
HomeHome Most Helpful TopicsMost Helpful Topics
RSS Feeds
DrillDown Icon Contents Back
 . . . . . . . . . . . . .
DrillDown Icon Self-Help Home
DrillDown Icon Menu
DrillDown Icon Online Resources
DrillDown Icon Library and IT Gateway
DrillDown Icon IT Services
DrillDown Icon Student IT Pocket Guide links
DrillDown Icon Mapping the PUPSMD 'R' drive to your computer
DrillDown Icon Re-imaging a computer or laptop
DrillDown Icon Mobile computing
DrillDown Icon Canon Printer Consumables Requests for University Staff
DrillDown Icon Out of Hours Computing exam support
DrillDown Icon Apple Support
DrillDown Icon Network Project
DrillDown Icon Staff Mac fleet
DrillDown Icon PlymMac 7
DrillDown Icon Windows 7 Service
DrillDown Icon Accounts
DrillDown Icon Applications
DrillDown Icon Email
DrillDown Icon Redirecting email
DrillDown Icon Office 365 and OneDrive
DrillDown Icon Setting up a new outlook profile or adding mailboxes. Office 365
DrillDown Icon Access email from home
DrillDown Icon Connecting to another email account
DrillDown Icon Blocked attachments & Zip files
DrillDown Icon Calendars
DrillDown Icon Changing email format
DrillDown Icon Contacts
DrillDown Icon Delegate accounts and private email
DrillDown Icon Digitally sign and encrypt email in Outlook
DrillDown Icon Email address
DrillDown Icon Grouping in Outlook
DrillDown Icon Mailbox size - check
DrillDown Icon Message Header
DrillDown Icon Out of office
DrillDown Icon Personal distribution lists
DrillDown Icon Phishing emails
DrillDown Icon POP3
DrillDown Icon Recall email message
DrillDown Icon Restore deleted messages
DrillDown Icon Set Outlook for the web default reply behaviour
DrillDown Icon Shortcut to another mailbox
DrillDown Icon Signature
DrillDown Icon SMTP
DrillDown Icon Stopping Junk mail
DrillDown Icon Spam
DrillDown Icon Business Card
DrillDown Icon Email - creating reusable text
DrillDown Icon Checking mailbox usage from Outlook Web Access
DrillDown Icon How do I request a generic email account?
DrillDown Icon How do I request a global distribution list
DrillDown Icon File Space
DrillDown Icon Software
DrillDown Icon UNIT-e
DrillDown Icon Hardware
DrillDown Icon IT Training & Documentation
DrillDown Icon Telephony
DrillDown Icon Web
DrillDown Icon PC Finder Tool
DrillDown Icon Media
DrillDown Icon Library & IT Help and Support/Contacts
DrillDown Icon TIS Feedback process
DrillDown Icon About TIS
DrillDown Icon IT Service Catalogue
  EMail This ArticlePrint PreviewPrint Preview Current Article/Category with all Sub-Articles/Sub-Categories
 
Phishing emails

Phishing

What is phishing?

Phishing is the name given to the practice of sending emails purporting to come from a genuine company or organisation operating on the Internet.  These scam emails attempt to deceive the recipients into entering confidential information such as credit card or bank details, passwords and account data.  The links contained within the message are false, and often re-direct the user to a fake web site.  Many fake emails can look very convincing, complete with company logos and links that seem to take you through to the company website, although this too will be a fake.

How can I tell if an email is genuine or fake?

There are often common clues that may help you identify a phishing email. For example, you may find that the email:

  • has come from an unexpected email address (eg @hotmail.com, @gmail.com or @yahoo.com) instead of one associated with the organisation that is claiming to be contacting you.  However, you should never respond to any emails that ask you to reply with confidential information, such as your user ID and password.  The University will never ask for this information via email.
  • may contain poor spelling and grammar, and/or a lot of capital letters
  • warns of a big change but has no email address or phone number for further information
    .

What happens if I respond to a phishing email? 

If you unsuspectingly divulge your University account username and password to a third party, you could be putting yourself and the University at risk.
  • Your email address may be accessed and used to send tens of thousands of spam emails to others, and this could lead to email from Plymouth University being delayed or blocked by other universities and Internet Service Providers (ISPs).

  • If you are are a member of staff, the hackers could access the HR systems to steal your bank details, home address, national insurance number and employment details – all of the ingredients needed to commit financial fraud and identity theft.
  • The University’s public image could be damaged if vital information is hacked.

  • Other students and staff are at risk from hacking.
 
Isn’t my account protected?

The University runs blocking filters and software designed to prevent this type of email from getting to users.  However, it is inevitable that a small percentage of this constantly evolving phishing threat will make it through before being identified and blocked.

How can I stay safe?

 Use the following tips to protect yourself and the University.
  • Never disclose personal information in response to an email. University staff will never ask you to reveal your login details via an email.

  • Treat your University IT account details as highly confidential and a way of accessing sensitive information – never disclose your login ID or password to anyone outside the University.

  • Avoid using your University account password on other internet services outside the University.

  • Look carefully at who the email is from. If it is not clearly from Plymouth University (eg it shows an external email address) then it hasn't come from the University. However, even if it has been sent from a Plymouth University email address, you must not respond to any request for your password or confidential details as the account may have been compromised.

  • Even if you suspect an email message may be genuine, do not click the links within the mail message. Open a new page from your internet browser and visit the relevant web page directly.
     

  • If in doubt, seek advice – log onto the IT Self Service portal (https://itselfservice.plymouth.ac.uk), click on Report A Fault then use the drop-down options to select Report a Phishing / Fraudulent Email and then follow the instructions within the 'Description' field.
  • Remember, the only person who needs to know your password is you. Any email that asks for your password is a hoax.

 

Further information and reading

 

Attachments
Modified 07/04/2017
Author: Paraskeva, Michael