A successful phishing campaign is still one of the easiest ways for an attacker to get in. Phishing emails remain common, so it's important that we all learn to recognise them quickly.
When reading your email, look out for the following:
- A sense of:
  - Urgency – makes you feel like you have to do something quickly, so you don’t take the time to wonder if the email is suspicious.
  - Fear – for example, if you don’t click on the link, your account will be deleted, or you will be fined.
  - Promise of reward – lottery win notifications, or “I am the widow of a rich person” type of email.
  - Guilt or sympathy – “I am dying of…” type of email.
  - So, if an email makes you feel guilty, panicky, afraid, or greedy, stop and ask yourself why. It’s probably a phishing email.
- ‘To’ and ‘From’ address – these can be trivially forged and show false information. Often the ‘To’ address isn’t even your email address; a legitimate email would be addressed to your actual email address.
- Web link – check whether the link really goes to the UCL domain (ucl.ac.uk). The visible text of a link can say one thing while the actual target says another, so hover over it (or long-press on a phone) and read the real address. Look at the part just before the first single “/” after “https://”: a legitimate UCL link ends in ucl.ac.uk there (for example www.ucl.ac.uk), whereas ucl.ac.uk.example.com or ucl-ac.uk goes somewhere else entirely.
- Asking you to respond with your username and/or password – no legitimate email will ask you to do this.
- Unexpected attachment – some phishing emails come with attachments that, when opened, will compromise your computer.
- Headers and signatures – these can be forged; phishing emails often use them to appear more legitimate.
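The link check described above can also be done mechanically. The following Python script is an added example written for this page, not a UCL tool: it pulls every link out of an email’s HTML body, compares the real target host against the ucl.ac.uk domain named above, and flags the common tricks (a lookalike host such as ucl.ac.uk.example.com or ucl-ac.uk, a “user@host” prefix that makes ucl.ac.uk appear in the address, and link text that shows a UCL URL while the target points elsewhere). The sample email body is constructed for the example, and the hostnames in it are placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# The domain the page tells readers to look for.
TRUSTED_DOMAIN = "ucl.ac.uk"


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def extract_links(html):
    parser = _LinkCollector()
    parser.feed(html)
    return parser.links


def host_in_domain(url, domain=TRUSTED_DOMAIN):
    """True only if the URL's real host is `domain` or a subdomain of it.

    Anything that is not an http(s) URL is treated as untrusted.
    urlsplit().hostname is the part after any user@ prefix and before the
    port, so 'http://ucl.ac.uk@evil.example/' resolves to evil.example.
    """
    parts = urlsplit(url.strip())
    if parts.scheme.lower() not in ("http", "https"):
        return False
    host = (parts.hostname or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def assess_link(href, text):
    """Return a list of reasons the link looks suspicious (empty = clean)."""
    reasons = []
    parts = urlsplit(href.strip())
    if not host_in_domain(href):
        reasons.append("target host is not under " + TRUSTED_DOMAIN)
    if "@" in parts.netloc:
        reasons.append("user@host prefix hides the real host")
    # Visible text that itself looks like a URL must agree with the target.
    if "://" in text or text.lower().startswith("www."):
        shown = text if "://" in text else "http://" + text
        shown_host = (urlsplit(shown).hostname or "").lower()
        real_host = (parts.hostname or "").lower()
        if shown_host != real_host:
            reasons.append("visible URL text differs from actual target")
    return reasons


def check_email(html):
    """Assess every link in an email body: [(href, text, reasons), ...]."""
    return [(href, text, assess_link(href, text)) for href, text in extract_links(html)]


# Constructed sample: a quota-scare email with two bad links and one good one.
SAMPLE_EMAIL = """
<p>Your mailbox is over quota and will be deleted in 24 hours.</p>
<p>Please <a href="http://ucl.ac.uk.account-verify.example/login">verify your account</a>.</p>
<p>Or visit <a href="https://ucl-ac.uk/reset">https://www.ucl.ac.uk/reset</a></p>
<p>Help: <a href="https://www.ucl.ac.uk/isd">https://www.ucl.ac.uk/isd</a></p>
"""

if __name__ == "__main__":
    for href, text, reasons in check_email(SAMPLE_EMAIL):
        verdict = "SUSPICIOUS" if reasons else "ok"
        print(f"{verdict:10} {href}  (shown as: {text!r})")
        for reason in reasons:
            print("           -", reason)
```

Run on the sample body, the first two links are flagged (lookalike host; lookalike host plus mismatched visible text) and the third passes. The suffix test `host.endswith("." + domain)` is what defeats ucl.ac.uk.example.com: the real host must end in ucl.ac.uk, not merely contain it.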
The consequences of responding to a phishing email (or opening an attachment in a phishing email) are that an attacker can steal your information and/or take control of your machine.
If you are ever unsure whether an email is a phishing email or not, before you click or respond, just ask us – firstname.lastname@example.org.