Posted on 5 October 2019
To protect yourself and your personal information, you need to be able to spot phishing messages and other scams. Make sure your friends know too!
What are spam and phishing?
Spam: unwanted, junk email, typically sent to large numbers of people, for the purposes of advertising, phishing, spreading malware, etc.
Phishing: fake email messages that claim to be from an organisation that you may trust (eg universities or banks). Often ask you to provide your personal details by replying or clicking a link. They may suggest you'll lose your account if you don't do so.
Scam emails vary greatly; look out for all of the following but bear in mind that a phishing attempt may only feature one or two of these signs:
Can you spot a scam?
We all think we won't be caught out, but every year IT Services have to lock accounts when students or staff fall victim to scams.
Try this quiz to see how good you are at identifying fake emails:
See our update on current student-specific scams in circulation:
Scammers - they’re after your money
Do not respond to a request to send your password via email. The message should simply be deleted.
Before you login or enter your details, make sure you’re on the right website. Phishers can make convincing copies of other people’s websites, so you should always check the URL at the top of the page.
If you are unsure whether a page asking for your University username and password is genuine, please contact the Library & IT Help Desk for advice.
If a phishing message that you've received looks particularly convincing, please forward it to itsupport@york.ac.uk who may be able to trace other University members who have been caught out by it.
See more advice from IT Services, including tips for spotting genuine University websites:
If IT Services suspect your account has been compromised in any way, they will lock/disable your account until they have spoken with you and made sure that it is secure. If you are unable to log in please contact the Library & IT Help Desk.
If you, or your friends, fall for a phishing scam:
For more hints on spotting dodgy emails, watch this IT Services video
Search social media for more #UoYTips.