{"id":2687,"date":"2023-03-07T12:55:52","date_gmt":"2023-03-07T12:55:52","guid":{"rendered":"https:\/\/blog.bham.ac.uk\/itsecurity\/?p=2687"},"modified":"2023-03-07T13:08:00","modified_gmt":"2023-03-07T13:08:00","slug":"phishing-scams-and-other-malicious-email","status":"publish","type":"post","link":"https:\/\/blog.bham.ac.uk\/itsecurity\/2023\/03\/07\/phishing-scams-and-other-malicious-email\/","title":{"rendered":"Phishing, Scams and Other Malicious email"},"content":{"rendered":"\n<div class=\"wp-block-group is-vertical is-layout-flex wp-container-core-group-is-layout-8cf370e7 wp-block-group-is-layout-flex\">\n<p>Criminals are sending out millions of malicious emails every day.&nbsp; Often these are trying to steal your personal details, including your banking information or your University login details.&nbsp; Some might trick you into running malware on your phone, tablet, or computer.<\/p>\n\n\n\n<h1 class=\"wp-block-heading\">How do I spot these?<\/h1>\n\n\n\n<p>Generally, if they look suspicious, they are.&nbsp; <strong>If something feels wrong it probably is<\/strong>.<\/p>\n\n\n\n<div class=\"wp-block-group is-vertical is-layout-flex wp-container-core-group-is-layout-8cf370e7 wp-block-group-is-layout-flex\">\n<div class=\"wp-block-group is-vertical is-layout-flex wp-container-core-group-is-layout-8cf370e7 wp-block-group-is-layout-flex\">\n<p>The emails try to do the following<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Make you trust the email<\/strong><strong><\/strong><\/li>\n<\/ul>\n<\/div>\n\n\n\n<p>They may pretend to be from IT Services, HR, the police, or a large company.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Make you panic<\/strong><\/li>\n<\/ul>\n\n\n\n<p>The email warns you of something bad that will happen if don\u2019t act now<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Ask you to do something odd or unexpected<\/strong><\/li>\n<\/ul>\n<\/div>\n\n\n\n<div class=\"wp-block-group is-vertical is-layout-flex wp-container-core-group-is-layout-8cf370e7 wp-block-group-is-layout-flex\">\n<p>This could be a link to verify your account, an invoice that needs urgent review, send money or gift vouchers.<\/p>\n\n\n\n<p>The criminals want you to act, not think.&nbsp; Stay calm, no email is so urgent it needs a response now.&nbsp; You have time to think and seek advice.<\/p>\n<\/div>\n\n\n\n<p>Ask yourself<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Am I expecting this message?<\/strong><\/li>\n\n\n\n<li><strong>Would the sender really send such a message to me?<\/strong><\/li>\n\n\n\n<li><strong>Is the message really the type of communication that you would expect from the&nbsp;organisation it claims to come from?<\/strong><\/li>\n<\/ul>\n\n\n\n<p>These emails come in all forms. Most are from outside the University and come in a variety of types.\u00a0 They can look like unpaid invoice reminders, parking fines or tax demands; some look like OneDrive shares or Teams invitations.<\/p>\n\n\n\n<p>The start of the video, <a href=\"https:\/\/www.youtube.com\/watch?v=TwXDecutxew\">Top tips for staying safe online<\/a> gives a good summary of this advice.<\/p>\n<\/div>\n\n\n\n<h1 class=\"wp-block-heading\">Other things to look for<\/h1>\n\n\n\n<p><strong>The content is suspicious<\/strong><\/p>\n\n\n\n<p>Unfortunately there is no simple set of rules that can be applied so here are a few&nbsp; other characteristics.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>There are often grammatical errors, odd wording or technical errors in the messages.<\/li>\n\n\n\n<li>Links go to sites that are nothing to do with the organisation sending the email.<\/li>\n\n\n\n<li>Link shortening services are used to hide where links really go (eg bit.ly, tinyurl.com, ow.ly).<\/li>\n\n\n\n<li>The subject field does not really match the content<\/li>\n<\/ul>\n\n\n\n<p>If in doubt, seek advice from the IT Service Desk.<\/p>\n\n\n\n<p><strong>The email address is not consistent with the organisation sending it<\/strong><\/p>\n\n\n\n<p>In the case of IT services examples would be email from IT services not coming from address ending in bham.ac.uk and not addresses hosted elsewhere \u2013 for example &nbsp;<a href=\"mailto:helpdesk01@gmail.com\">helpdesk01@gmail.com<\/a>,&nbsp;<a href=\"mailto:IT@helpdesks.org\">IT@helpdesks.org<\/a>,&nbsp;<a href=\"mailto:itsupport@freemail.inc.co\">itsupport@freemail.inc.co<\/a>&nbsp;or&nbsp;<a href=\"mailto:fcruger@barbiemail.co.uk\">fcruger@barbiemail.co.uk<\/a>.<\/p>\n\n\n\n<p>Even if the address is correct, there is no guarantee that the email is genuine as addresses can be forged and sometimes compromised accounts are used to send malicious email.&nbsp; However if the address looks wrong in this way you can be confident that the email is malicious.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Criminals are sending out millions of malicious emails every day.&nbsp; Often these are trying to steal your personal details, including your banking information or your University login details.&nbsp; Some might trick you into running malware on your phone, tablet, or computer. How do I spot these? Generally, if they look suspicious, they are.&nbsp; If something &hellip; <a href=\"https:\/\/blog.bham.ac.uk\/itsecurity\/2023\/03\/07\/phishing-scams-and-other-malicious-email\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Phishing, Scams and Other Malicious email&#8221;<\/span><\/a><\/p>\n","protected":false},"author":84,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9,5],"tags":[],"class_list":["post-2687","post","type-post","status-publish","format-standard","hentry","category-general","category-malicious-email"],"_links":{"self":[{"href":"https:\/\/blog.bham.ac.uk\/itsecurity\/wp-json\/wp\/v2\/posts\/2687","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.bham.ac.uk\/itsecurity\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.bham.ac.uk\/itsecurity\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.bham.ac.uk\/itsecurity\/wp-json\/wp\/v2\/users\/84"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.bham.ac.uk\/itsecurity\/wp-json\/wp\/v2\/comments?post=2687"}],"version-history":[{"count":4,"href":"https:\/\/blog.bham.ac.uk\/itsecurity\/wp-json\/wp\/v2\/posts\/2687\/revisions"}],"predecessor-version":[{"id":2692,"href":"https:\/\/blog.bham.ac.uk\/itsecurity\/wp-json\/wp\/v2\/posts\/2687\/revisions\/2692"}],"wp:attachment":[{"href":"https:\/\/blog.bham.ac.uk\/itsecurity\/wp-json\/wp\/v2\/media?parent=2687"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.bham.ac.uk\/itsecurity\/wp-json\/wp\/v2\/categories?post=2687"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.bham.ac.uk\/itsecurity\/wp-json\/wp\/v2\/tags?post=2687"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}