What is Phishing?

Untargeted, mass emails sent to many people asking for sensitive information (such as bank details) or encouraging them to visit a fake website.

National Cyber Crime Security Centre

 

Phishing is the name given to scams sent via email that try to trick you into revealing sensitive information or downloading malicious software such as viruses, malware or ransomware.

These phishing emails pretend to be from recognisable organisations in order to gain your trust so that you will follow the action they are requesting. These organisation can include banks, online retailers, delivery companies, technology companies and other trusted organisations including the University.

Social Engineering

The perpetrators of phishing use often very simple social engineering techniques in order to trick you into revealing information.

• Phishing emails often scare you into taking urgent action, for example asking you to enter your details on a website to avoid your account being suspended.
• The opportunity to get something for free is another common practice of phishing. Entering a competition or claiming a price is another way you can be enticed to enter your details online.
• They can also present innocent looking links to also lure you in, such as for shipping tracking or updating your contact details.
• As well as impersonating companies, perpetrators of phishing can also impersonate people you know. Doing this they can ask you to purchase items such as online vouchers on their behalf, and request that you send them the codes.

Think before you click. Phishing is the most common kind of attack. Learn how to avoid them.