What is phishing?
Phishing is a cyber-attack in which attackers disguise fraudulent emails and websites to trick you into entering personal information (e.g. usernames and passwords, or credit card information) by clicking on a link or opening an attachment.
How do I spot a phishing email?
Phishing emails are disguised as being sent by a trusted sender or business (e.g. the IT Service Centre or Microsoft) and will attempt to make you believe the message is something you either want or need.
What do I do if I receive a phishing email?
Do not enter any personal information into a phishing email. No member of IT Services or the University of Derby should ask you for your password or to send your password by email.
- If the phishing email is in your junk folder, you don’t need to do anything.
If the phishing email is in your inbox and you haven’t entered any personal information, please report the email as junk:
Report the email to the IT Service Centre and the National Cybersecurity Centre:
- Click the icon on the top ribbon (to the right of the Forward button) and select Forward as Attachment.
- Send the email to firstname.lastname@example.org and email@example.com
Report the email to Microsoft using Outlook:
- Select the Report Message option from the ribbon at the top and select Phishing
- The following dialogue box will appear, select Report
- If the phishing email is in your inbox and you have entered personal information, please report the incident to the IT Service Centre:
Remove address from junk list
If you accidentally report a message as spam, go to your Junk Email folder, select the email and click Report Message > Not Junk.