Phishing emails
Email phishing is an attempt to collect usernames and passwords or bank account details from unsuspecting computer users by sending an email pretending to be from a trusted support group. The sender asks for this information using a carefully prepared message that appears to be genuine.
The email may even mention the names of IT support people that you know personally and appear to come from the IT support email address that you use to contact them. The email messages all ask you to reply, enclosing information such as your username, password, and sometimes other personal information, and indicate that lack of response will result in your account being deleted or disabled.
See http://en.wikipedia.org/wiki/Phishing for more information on this technique.
How to treat a Phishing attempt
Do NOT reply, do NOT send your username and password back to any address, and do NOT click on a link to a web site. These links may even open a web page that looks exactly like a University web page and ask you to log in. Your reply actually goes to an address used by spammers and hackers but is made to look like a University IT support return address. The email may contain a link to a web site that pretends to be a University web page but in fact takes you to an external web page, or it may contain an attachment for you to fill in.
What to do if you have replied
If you have replied, you will need to change your password and security questions as soon as possible by contacting the IT Service Desk.
Should your details have already been used by the spammers/hackers, there is a high chance that your account will have been disabled by central IT staff. Therefore you will need to contact the service desk with evidence of your identity in order to unlock your account, preferably by visiting a service desk in person with your Library card.
See http://www.itservices.manchester.ac.uk/contacts/ for details.
IMPORTANT: You should NEVER give out your password even to IT staff.
We will also never randomly ask for your username (the only instance we may ask for your username is if you have recently raised an IT support call).
Reporting Phishing attempts
To help us prevent people from disclosing their University usernames and passwords, we would like you to forward any unique phishing emails you receive that ask for these details to phishing@listserv.manchester.ac.uk. We can then stop people who try to reply to these messages and prevent their accounts from being compromised.
Unfortunately, we can't deal with other types of phishing (i.e. asking for your bank details, or promising to transfer money into your account) or spam in general. You should just delete these messages.
If the email appears to come from a University member then please report it immediately to the IT service desk, as this may indicate a compromised account is being used. It is important that the forwarded message includes the headers; information on how to do this is given below.
When forwarding us an example phishing message, please try to ensure you preserve as much of the message as possible. In particular try to ensure the email headers are included in the message. Message headers are often suppressed by email clients, and they are generally omitted when messages are forwarded.
In Outlook the best way to preserve the headers is to:
- Create a new email
- Click on ‘Attach Item’ (envelope and paperclip icon at the top, just to the right of centre) and select the phishing email from the list of items
- Send to: phishing@listserv.manchester.ac.uk
- If the message looks convincing or seems to originate from a member of the University then please also cc it to: it-servicedesk@manchester.ac.uk
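
Why attaching the message matters, shown as an added example (this is not University code): the script checks whether a report still carries the original message as an attached item, whether replies would go to a different domain than the visible sender, and whether the sender claims a University address. The domains university.example and mailer.example, the addresses, the function names and both sample messages are constructed placeholders.

```python
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import parseaddr

UNIVERSITY_DOMAIN = "university.example"  # assumption: placeholder for the real domain

def domain_of(header_value):
    """Return the lower-cased domain of the address in a From/Reply-To header."""
    return parseaddr(str(header_value or ""))[1].rpartition("@")[2].lower()

def triage_report(raw):
    """Inspect a reported message: was the original attached, and where do replies go?"""
    report = message_from_string(raw, policy=policy.default)
    original = next((p.get_payload(0) for p in report.walk()
                     if p.get_content_type() == "message/rfc822"), None)
    if original is None:  # inline forward: the original headers are gone
        return {"headers_preserved": False, "reply_mismatch": None, "escalate": False}
    from_dom, reply_dom = domain_of(original["From"]), domain_of(original["Reply-To"])
    return {
        "headers_preserved": bool(original.get_all("Received")),
        # Replies routed to a different domain than the visible sender
        "reply_mismatch": bool(reply_dom) and reply_dom != from_dom,
        # Claims a University sender: may be a compromised account, cc the service desk
        "escalate": from_dom == UNIVERSITY_DOMAIN,
    }

def sample_phish():
    """Constructed sample phishing message (not a real email)."""
    m = EmailMessage()
    m["Received"] = "from relay.mailer.example by mx.university.example; Mon, 1 Jan 2024 09:00:00 +0000"
    m["From"] = "IT Support <it-support@university.example>"
    m["Reply-To"] = "account-verify@mailer.example"
    m["Subject"] = "Your account will be disabled"
    m.set_content("Reply with your username and password to keep your account.")
    return m

def sample_report(attach_original):
    """Constructed report: original attached as an item, or pasted inline."""
    r = EmailMessage()
    r["From"] = "staff.member@university.example"
    r["To"] = "phishing-reports@university.example"
    r["Subject"] = "FW: Your account will be disabled"
    r.set_content("Reporting this message.\n\nFrom: IT Support\nReply with your username...")
    if attach_original:
        r.add_attachment(sample_phish())  # becomes a message/rfc822 part
    return r.as_string()

if __name__ == "__main__":
    print(triage_report(sample_report(True)))
    print(triage_report(sample_report(False)))
```

With the inline forward, the Received, From and Reply-To headers of the original are no longer available, so none of the checks can run.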