Skip to navigation | Skip to main content | Skip to footer
Menu
Search the University of Manchester siteSearch Menu StaffNet

Don’t fall victim to phishing attacks

10 Jan 2022

Email fraudsters use increasingly sophisticated measures to try and scam people – posing as trusted contacts and asking you to make online purchases are just some of the ways this can happen

A goldfish wearing a shark fin

Phishing emails try to trick you in to giving out personal information, or visiting fake websites. Responding to a phishing attack can:

  • Release your personal details to someone who may use them fraudulently
  • Encrypt your files and folders, demanding that a 'ransom' fee be paid to revert the damage
  • Stop your computer from working completely

Top tips

  • Do you know the email sender? Were you expecting an email? Has it definitely come from a legitimate email account? Fraudsters can obtain information about you and your contacts and impersonate people we know, like senior staff, to create a sense of trust. Expand the ‘From’ field in the email to see the full email address and not just the name , and if you’re still in doubt, contact them via another method to verify.
  • Is there an urgent call to action to ‘click on a link’, open an attachment or help someone out? Is it claiming that something will happen to your IT account if you don’t do anything? Don’t be flustered into clicking before you’ve had time to review!
  • Be suspicious of generic, non-personalised emails with greetings such as ‘Dear Customer’. If a trusted organisation needs to contact you, they're likely to know your name. There might be instances where bulk or generic emails are sent out from trusted senders such as IT Services, but if this is the case they include details of how you can check that the email is legitimate without clicking on any links.
  • Check for poor spelling and grammar – phishing and scam emails often include these.
  • If it sounds too good to be true, then it may well be. For example, a fake email stating that you have won an Amazon voucher may be looking to harvest some personal data.

Remember - JDLR. If it Just Doesn't Look Right, report it to IT Services by following the process detailed on the Email phishing web page.

Remember to apply this advice when opening emails on your personal email accounts too. Stay safe online.