Internet-Security-IS

Email security: known suppliers and external contacts

If you get an email from a University of Kent supplier, external agent or a named contact that you usually work with, always follow the steps below.

Some of our known suppliers and external contacts are currently being impersonated, and the fraudulent emails we’re seeing can be very convincing. Business contact lists are being hacked to make fake emails look legitimate,

  • If there’s an attached invoice or document that you weren’t expecting, don’t preview it or open it. Contact the supplier separately from the email to check legitimacy.
  • If offered a link to sign into your account, don’t click the link. Go to their website using a web browser to sign in.
  • If the email gives you their new banking details, phone a known contact to check legitimacy.
  • Check the sender email address: double-click on it to see it in full. Does it look right?

All staff need to always take this cautious approach.

More email security advice from the University