What is phishing?
Phishing is a cybercrime in which attackers disguise fraudulent emails and websites as legitimate ones to trick you into entering sensitive information (e.g. personally identifiable data, usernames and passwords, or banking information) by clicking on a link or opening an attachment.
What do I do if I receive a phishing email?
- Don't enter any sensitive information or download any attachments from suspicious-looking emails. Nobody at the University of Derby will ask for your password or to send your password by email.
- If the email is in your junk mail folder and you haven't entered any sensitive information, you don't need to do anything.
Report the email to the IT Service Centre and National Cybersecurity Centre:
- Click the icon on the top ribbon (to the right of the Forward button) and select Forward as Attachment;
- Send the email to firstname.lastname@example.org and email@example.com;
- If you have entered any sensitive information (e.g. personally identifiable data, usernames and passwords, or banking information), cc firstname.lastname@example.org into the email.
Report the email to Microsoft:
- Select the Report Message option from the ribbon at the top and select Phishing;
- The following dialogue box will appear, select Report.
If you accidentally report a message as spam, go to your junk mail folder, select the email and click Report Message > Not Junk.