Phishing and spam attacks often happen whilst browsing the web or straight into your email inbox. However, there are serious repercussions to opening a suspicious email or link which could put you and the College at risk.

Phishing attacks

A video on how your information can be taken from you from the web and over email


Email-distributed malware are emails that contain rogue attachments. The attachments could have software that intercepts your keystrokes, may attempt to steal banking information or mean that your computer can be controlled remotely by criminals.

Our systems block incoming emails from harmful sources but we cannot block all of them. The College uses a spam filter to stop these emails reaching you. Find out more about the spam quarantine and how to release emails you believe have wrongly been filtered. 

Browsing the web

When browsing the web, it is important to be vigilant; especially if you are inputting personal information to the website. Scammers can mirror or copy websites that mimic a website, and these websites can contain key loggers that can collect passwords and bank card details. Visit our Fake websites web page for more information. 

Make sure you check the URL of the web page you are on - if the URL looks odd, it may be insecure. You can use this Google tool to check a URL you are unsure of or follow the guidance offered by DigiCert. If you are still unsure of a web page, please contact the ICT Service Desk. Never give personal information on a web page you feel is unsafe. 

Web filtering

Whilst you're connected to the College network, what you can browse online is restricted due to Web Filtering

Imperial College has various responsibilities ranging from legal and regulatory compliance to reputational damage. Web filtering is intended to prevent College facilities (software, computers, networks and offices) from being used to access illegal material.

If you attempt to access a site that is in the ‘block’ category of the web filter a message will appear on your web browser. It will inform you that the site you are attempting to access has been blocked by College policy. If you need access to the site, please contact the ICT Service Desk, and the request will be reviewed and if appropriate the block will be removed.

Web filtering is in line with the College’s current Conditions of Use of IT Resources policy, which inhibits the use of College ICT for accessing a much wider range of offensive material, as well as PREVENT related material. 

Social media

Many people leave themselves open to malicious attacks, reputational damage or personal embarrassment because they do not understand the risks of sharing information online.

  • Make sure you know exactly what you are sharing and who you are sharing it with.
  • Take time to understand and set up security settings. Most social networks allow you to control who sees what. 
  • Do not upload images or text to social media that you would not be happy for the world to see. Be aware that networks like Facebook, Twitter, Tumblr and Instagram are public spaces.
  • Always logout after use and keep your passwords secret. If you do not, your account could be hacked.


Being threatened or abused online or anywhere else is never acceptable. If you have been a victim of bullying or harassment in any context, there are many routes for support and advice.

Report it to the ICT Security team

If you are experiencing problems online or have a sensitive query relating to IT security, we encourage you to contact the ICT Security team directly, who are happy to help you put a stop to it.

ICU Advice Centre

The Imperial College Union Advice Centre offers advice and support on a wide range of issues.

College tutors

Every department has a comprehensive system of academic and pastoral care in place to make sure that you always have someone to whom you can turn.

Student counselling

The Student Counselling Service offers short-term counselling to all registered students.


  • If in doubt, do not click - trust your gut; if something doesn't look right, it probably isn't. 
  • Check your emails carefully - does the senders name match the email address? Hover over the links and check the URL it's pointing you to. Report messages that seem unusual using the report message add-in for Outlook. If you are finding you are getting a lot of newsletters from a company, remember you can always unsubscribe from those newsletters using the link which should be at the bottom of the email. 
  • Report anything suspicious - If it looks suspicious, even if you know the source, do not open or click on any links. Report the email to the ICT Security team by attaching the suspicious email to an ASK request.