The Essex website uses cookies. By continuing to browse the site you are consenting to their use. Please visit our cookie policy to find out which cookies we use and why. View cookie policy.

My course
Get in touch with your department Attendance and engagement Awards and achievements Changing your course Contractual documents DBS check Exams and coursework Fees and funding Graduation Immigration and visas Intermission Leaving or returning to Essex Modules Programme specifications Registration Rules of assessment Study abroad Timetables My information
Health, safety and wellbeing
COVID-19 (Coronavirus) Emergencies Report an incident or concern Fire safety Your health and safety Medical support and healthcare Mental and emotional health Safeguarding
Study resources
Academic skills Learning tools Mentoring Student handbooks Personal tutor Places to study Postgraduate research resources Essex Student Journal
Student life
Disability and accessibility Crowdfunding Extra learning opportunities Equality, diversity and inclusion resources Essex values Faith Centre Forums and networks Money matters New students Student communities Students' Union Student voice Winter break
Services and facilities
Advice and support Accommodation Buildings, grounds and maintenance Careers services Childcare Design, print and copy services Events, meetings and conferences Food and drink IT services Learn a language Library services Media Centre Post and property services Professional Services teams Sport Theatre and arts Travel and transport
Our University
Freedom of information Equality, diversity and inclusion Sustainability and biodiversity
Quick links
Timetables Moodle Find Your Way map LEAP FASER Email login Students Services Hub
Campus
Accessible travel Events Sport Accommodation Library services Clubs and societies room booking form News Student blog Departments and Schools
Online services
My Essex student portal (current students) My Essex applicant portal Change your password Report an absence Phonebook and email directory eNROL Order official documents Listen Again Reading lists Student Request Portal
Support and Contact
Fees, funding and money queries IT help and support Report harassment Get in touch with your department Report a concern about a student Find a staff profile Key dates Getting ready to start at Essex (new students) Students' Union
University of Essex homepage Blog Student Think you can spot a phishing email
student Blogs06 April 2021

Think you can spot a phishing email?

Digital Innovation and Technology Services
Digital Innovation and Technology Services
Loading...

Phishing is a type of scam intended to trick you into handing over personal or financial information which is then used to commit fraud.

Most phishing scams are sent by email. Fraudsters will often pose as someone or an organisation you know, such as your bank, employer or a colleague. The hoax emails are designed to look and sound like they are genuine. More sophisticated scams may even contain your personal information.

Phishing is one of the most common online threats, and University staff and students are regularly targeted, so it’s important to be aware of the tell-tale signs and know what to do when you encounter them. Why is it important? The impact of a successful scam can be considerable, including personal financial loss and identity theft, disruption to University services, reputational damage and even fines from the Information Commissioner's Office (ICO).

To help demonstrate what to look out for, we’ve used some examples of actual phishing emails received by our staff and students.

The email is poorly written

Less sophisticated phishing emails often contain mistakes, poor grammar, and strange or unfamiliar language.

Figure 1 - Example of a fake email sent by O2. This is a phishing email example.

“Thanks for your attention to O2” and “Good time of the day” – this scammer sounds friendly enough, but it’s a strange way to start an email about your phone bill.

A sense of urgency

Threats, warnings, and urgent requests are intended to cause panic, so you act quickly without thinking. Some popular techniques include:

  • warnings about disk space and mailbox quotas
  • updating or verifying your account details
  • requests to purchase something on behalf of someone else, particularly vouchers
Example of a Phishing email pretending to be from the University and showing an image of the email mailbox being nearly full Example of a Phishing email pretending to be an email sent from the University IT helpdesk Example of a Phishing email pretending to be an email sent by Microsoft Office Example of a Phishing email pretending to be a work colleague

Suspicious links

Don’t take links at face value. It’s easy for scammers to hide fake web addresses in the text, images and buttons.

To reveal the real destination of a link, hover your mouse over the link for a moment and the address will appear. If you’re on a mobile device, press and hold on the link until the address appears. If it looks suspicious, it’s likely a scam email. Don’t click the link.

Example of a Phishing email pretending to be from the University's IT helpdesk

Here you can see “Click here for update” links to a fake University of Essex web address.

Offers that sound too good to be true

Emails offering you money or financial opportunities are often fake. For example, being awarded a grant you weren’t expecting. If something sounds too good to be true, it probably is.

Example of a Phishing email pretending to be from the University's awarding a student something

Attachments you aren’t expecting

Don't open or download attachments you aren’t expecting, or from senders you don’t recognise – these attachments may contain harmful viruses such as malware or ransomware. If you know the sender, find a way to contact them (not by email) to confirm if it’s genuine or not.

Example of a Phishing email pretending to be a colleague

Harmful attachments may also be sent via links.

If you think you have received a phishing email

There’s no harm in simply receiving a phishing email as long as you don’t action it.

If you receive a phishing email you should:

  1. not do what the email tells you to do.
  2. report the email in Outlook by forwarding it as an attachment to phishing@essex.ac.uk.
  3. delete the email.

The email will then be sent to our IT security team for analysis. If the email is malicious, we can take action to prevent others from receiving the phishing attack.

What to do if you have responded to a phishing email

  1. If you have entered any personal financial details, contact your bank immediately and tell them that you have been the victim of a scam. Do not wait to contact us before doing this.
  2. If you have entered your University password, change your password immediately. If you have used this password on other accounts, change it on those as well.
  3. Contact the IT Helpdesk so we can advise you what to do next.

General advice to protect yourself from scams

  • Stop and think. Be vigilant and curious.
  • Always hover over links in emails to check where they go to.
  • Don’t click on or open suspicious links or attachments.
  • Don’t respond to emails that ask you to confirm personal information.
  • Never share your passwords with anyone.
  • If you are in doubt, get a second opinion. Ask a savvy colleague or the IT Helpdesk.
  • Help protect others by reporting suspicious email to phishing@essex.ac.uk

Read more about phishing attacks.

Categories
Essex Daily
Digital Support

About the Author:

Contact IT Helpdesk

Digital Innovation and Technology Services
CONTACT US
Contact us

  • For enquiries contact your Student Services Hub
  •  
  • University of Essex
  • Wivenhoe Park
  • Colchester CO4 3SQ

 

CONNECT WITH US
© 2024 University of Essex. All rights reserved