Avoiding scams and malware
Email-distributed malware are emails that contain rogue attachments. The attachments could have software that intercepts your keystrokes, may attempt to steal banking information or mean that your computer can be controlled remotely by criminals.
Our systems block many incoming emails from harmful sources but we cannot block all of them. To catch those that get through our net, you need to be able to spot the signs of a scam.
Tips to avoid being scammed
If in doubt, do not click
A simple rule is: do not click on any links that you're not sure about. Think about whether the person or organisation the email appears to be from is likely to ask for this information. Phishing emails sometimes pretend to be from your bank or may ask you for your username and password for certain websites, like PayPal. If it looks too good to be true, it usually is, so if you receive an unsolicited email to notify that you have won the lottery or inherited vast sums of money, it is almost certainly a scam.
We will never ask you to provide your password either in person or via email.
Check the email carefully
While phishing scams are becoming more sophisticated, there can often be signs that something is wrong in the email. Are there spelling mistakes? Does the wording have a different tone of voice to other communications you have received from that person or organisation?
You can now report suspicious messages within Outlook (desktop and mobile app) and when accessing email using Outlook Web access using the Report Message add-in.
Check the website address
If you are considering following a link, check the website address carefully. Is it what you would expect? Be wary of following any link in an email that takes you to a login screen. These can be convincing but may not be genuine. Use your cursor to hover over the link to see if it actually redirects to a different website address than stated.
Report anything suspicious
If it looks suspicious, even if you know the source, do not open or click on any links. Report the email to the ICT Security team by attaching the suspicious email to an ASK request.