There has been a large increase in the number of phishing emails recently, and you have just clicked an unknown link in an email!
DON’T CLICK LINKS – if you are unsure or need help, please contact the help-desk.
The real key to spotting phishing emails is in the detail. Where did the email really come from? Where is the link taking you? What are they asking you to do or give out? So:
- DO make sure you know how to spot fake links and websites. Hover over all links so see where they’re taking you.
- DO ask yourself if the content is familiar or expected and ask someone if you’re unsure
- DO think about what you’re being asked. An anonymous survey asking you to score a service are probably fine but think twice if you need to give out personal information.
- DO go via your usual channels when changing passwords or logging in rather than clicking on links in emails.
- DO check your email quota by logging in to your account before taking an email at face value.
- DON’T take the sender of the email at face value – it’s very easy to send an email appearing to come from someone else.
- DON’T be pressured into responding there and then
These don’t always mean the email is phony, but you should look out for a combination of:
- Generic greetings e.g. Dear Email User, Dear Bank Customer.
- Poor spelling and grammar.
- Requests to do something e.g. click on a link, enter a password or make a payment.
- A pressure to act immediately.
- Emails relating to world events such as the major sporting or political events and even major disasters.
You can report phishing emails: phishing@infosec.ox.ac.uk
See https://help.it.ox.ac.uk/email/phishing/index for more information regarding reporting and https://www.infosec.ox.ac.uk/phishing on staying safe.