Skip to main content

How to spot phishing and report it

Guidance and advice for staying safe online

11th September 2023

Phishing is when someone intentionally attempts to trick you into disclosing your personal information. They may appear to be contacting you from a legitimate company or they can be trying to impersonate someone you know.

What do I need to check for?

These types of emails are sent to hundreds or thousands of people in one go, in the hopes that someone will take the bait. They are usually generic and non-personal in their greeting.

They can include malicious links, attachments or just request contact either by responding to the email or calling a number. Commonly disclosed information includes:

  • Usernames
  • Passwords
  • Banking records or account information
  • National Insurance numbers
  • PINs

What is 'junk'?

Junk mail is unsolicited mail that is sent to individuals or businesses without their consent. It can include advertising materials, catalogues, and requests for donations.

Junk emails are usually just a nuisance. If a junk email arrives in your inbox, you can report it as spam and further emails from that sender will automatically be delivered to your junk folder.

What can I do to keep safe?

  • Report it through the Outlook Phishing button.
    When you do this, it will automatically appear in the University’s monitoring system so that your security team can investigate further, take action, and provide advice to you if necessary. Check out our how-to guide for reporting phishing >
  • Don’t delete the phishing email once reported.
    The security team will do that for you once the investigation is complete and when a threat has been found. Your security team does not have the ability to access deleted emails.
  • Don’t engage with the email.
    Under no circumstances should you respond to something you know has malicious intent.

If in doubt, get it checked out! Email the information security team: if you have any queries.