Spotting a phishing email

We’ve seen a recent spike in the number of staff falling for phishing scams. This blog post outlines a number of ways to identify a phishing email. If you are still not sure whether or not an email is a scam, please forward it to helpdesk@kent.ac.uk.

This is a picture of an actual phishing email (so don’t go to the address listed) which fooled a number of staff.

[Image: screenshot of the phishing email]

The message has come via a genuine departmental mailing list. Whilst we do what we can to prevent spam emails being sent via mailing lists, it is not possible to prevent them all. The most effective way to prevent spam emails is to make your list available to those on campus only (if your email list does not contain off-site email addresses). If you want to check that your mailing list has been set to internal only, contact the Helpdesk.

Some spam emails will purport to come from a valid email account. Don’t trust a message just because of the sender’s address.

The ‘on behalf of’ address looks suspicious. Why would you expect to see an email from a random company’s info@ account? Again, this address can be forged, so don’t trust it.

The fact that the email was sent on a Sunday does not automatically make it suspicious, but this is when many spam emails are sent, as there may not be a helpdesk for you to contact at the weekend. Also, a message sent on a Sunday morning with “24 HOURS TO RESPOND” in it means that you may think you only have a couple of hours to respond when you arrive on Monday morning.

Hover over links (if your email software allows this) and you will see where they really lead. Be suspicious of shortened URLs, e.g. bit.ly, as you don’t know where they lead. Remember that the blue link text is almost certainly not the actual destination of the link.

Poor grammar is a dead giveaway in spam email. Genuine University emails will not be littered with poor grammar and spelling mistakes.

Remember: The University will never ask you to send your password by email.
