We often get unwanted messages called 'spam', and malicious messages trying to trick us into revealing our logon details or other personal information, called 'phishing'.
A summary of what you should do
If you get an email that you know is spam or phishing, please forward it as an attachment (using the keyboard shortcut Ctrl + Alt + F) to one of the following addresses:
- If you know that the email is junk, please forward it as an attachment to: junk@office365.microsoft.com
- If the email is a phishing message, please forward it as an attachment to: phish@office365.microsoft.com
- If the email is abusive, please forward it as an attachment to: abuse@messaging.microsoft.com
Please contact the IT Service Desk only if you have clicked on any links in the email or entered your details in response to it, or are unsure about whether the email is genuine.
Remember that you will never be asked to verify your password via email. More detailed information can be found below.
Phishing Advice
Sometimes you'll get an email that appears to come from your bank, the IT Service Desk or similar, but in fact it is trying to trick you into revealing important information such as your username and password, bank details etc. This is phishing. Read our advice on how to avoid getting caught by a phishing scam. If you want to report a phishing email or think you may have replied to one, please contact the IT Service Desk.
Please also forward the email (as an attachment), using the keyboard shortcut Ctrl+Alt+F to phish@office365.microsoft.com
How does phishing work?
You may receive an email with a message like this:
'We suspect an unauthorised transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity.'
Or
'During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information.'
The emails or pop-ups claim to be from a business or organisation that you might actually deal with - for example, the IT Service Desk, an internet service provider, a bank or an online payment service. The message may ask you to 'update,' 'validate,' or 'confirm' your password and/or account information, and some phishing emails threaten a dire consequence if you don't respond.
The messages direct you to a website that looks just like a legitimate organisation's site - but it isn't. It's a bogus site whose sole purpose is to trick you into giving away your personal information so the operators can steal your identity to access your data, run up bills or commit crimes in your name.
Neither the University nor any other reputable organisation will ever send you emails asking you to input, confirm or validate account and/or personal details.
Tips to avoid getting hooked by a phishing scam:
- Even if an email requesting account information appears to have come from an official and/or trusted sender do not trust it,
- Don't reply to email or pop-up messages that ask for personal or financial information, and don't click on links in the message,
- Don't cut and paste a link from the message into your web browser - phishers can make links look like they go to one place, but they actually send you to a different site,
- If you are concerned about your account, contact the organisation using a phone number you know to be genuine, or open a new internet browser window and type in the company's correct web address yourself,
- Don't email personal or financial information - email is not a secure way to send information,
- Review credit card and bank account statements as soon as you receive them to check for unauthorised charges,
- Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.
How to check a link before opening it
Windows laptops and computers
- Hover your cursor over a link to see the full web address
Mac laptops and computers
- Hover your cursor over a link, then click the disclosure triangle ( ˇ ) that appears next to it to see the full web address
iOS & Android phones and tablets
- Press and hold the link until a menu appears - the full web address appears at the top
- In iOS 13 and later, pressing and holding the link may display a live preview. Click on 'Hide Preview' to see the web address. You can choose 'Tap to show preview' to revert back to showing the preview
Links in University emails
Automatic emails from many (but not all) University systems (such as SIPR, COSTA and ServiceNow) do not contain hyperlinks to web pages which ask for your username and password. Instead, the links appear just as plain text. You need to copy and paste these links into the address bar of your web browser.
Managing your emails
You may find that an email is deemed by Microsoft to be spam and goes into your Junk folder when it is actually a valid message. If this happens, you will need to approve the email message or sender within Outlook.
To do this:
- Select the message in your Junk folder
- Choose the drop-down arrow from the Junk heading and select your desired option
In Outlook Web Access you can drag the email from your Junk folder back into your Inbox. For more information from Microsoft on your junk email settings, look at the content here.
Spear phishing
We are seeing an increase in spear phishing, where a phishing email is targeting an individual. A common one is where they email you saying they have evidence you have visited porn sites or have compromising photos or videos of you. To ‘prove’ it, they may include an old password you have used. Do not reply to these emails, they are a scam. These passwords have come from sites which have been hacked, often several years ago. If you still use the password on any site, change it immediately. If you use it on any University site report it to the IT Service Desk. If you have any concerns that your University account has been compromised talk to the IT Service Desk.