skip to primary navigationskip to content
 

Malicious emails - stay safe

Signs to look out for in a malicious email:

 

phishing annotated

 

1) The sender's address does not include the genuine corporate domain. In this case, the  'etflix' address has been designed to look similar, so that recipients might skip past it without noticing the missing 'N'. Another common trick is to use an email address that's known to you, or is part of your organisation. We've seen a lot of fake emails from Cambridge University email addresses, with plausible-sounding advice or instructions about an invoice.

2) Look carefully at punctuation and grammar. A missing apostrophe, or a space before an exclamation mark, are mistakes that would be uncommon in a genuine business email.

3) Examine the link. Why would Netflix as you to visit 'www.zgxxk.net' to update your account information? In some malicious emails, the URL of the link might be hidden by text like 'Click here for to update your account', but if you hover your cursor over that text, your browser should display the target URL.

4) Be suspicious. If your Netflix account was about to expire, would Netflix offer 'a 1 month free for your time'? It's unlikely.

If, after looking at all the clues above, you're still uncertain about the legitimacy of an email, then either call the individual who (apparently) sent you the email, or use your web browser to visit the HOME page of the company in question (e.g. www.netflix.com) and use their navigation system to go to your account page, and check for problems. 

If you do click on a link in what you now think might be a malicious email, please contact the Computing Office (ext 62556) as soon as possible, even if nothing apparently happened when you clicked on the link.

Please be vigilant, and suspicious, and don't hesitate to contact the Computing Office at any time if you have even the slightest doubt about the authenticity of an email.

Thank you!!