Email phishing

What is phishing?

Phishing is most commonly an email that tries to trick you in to giving out personal information, or visiting fake websites. Responding to a phishing attack can:

  • Release your personal details to someone who may use them fraudulently
  • Encrypt your files and folders, demanding that a 'ransom' fee be paid to revert the damage
  • Stop your computer from working completely

Whaling, pharming, angling – these are just some other common names for types of phishing attempts, but they are all designed to cause the same damage. People who engineer phishing scams are criminals and hackers.

The National Cyber Security Centre has produced guidance on what phishing is, how to spot it, and what to do if you think you've clicked a suspicious link:

Key check points

  1. Is the sender of the email someone you know?
  2. Does the URL it contains look legitimate ? (Hover over the link to check)
  3. Were you expecting an attachment?

Remember - JDLR. If it Just Doesn't Look Right, report it to IT Services by following the process detailed below.

Help and support

If you think you’re a victim of a phishing email, or that your computer has become infected, call the IT Support Centre immediately on +44 (0) 161 306 5544.

If you receive a suspicious email, do not click on any links and do not reply, but let us know by sending the phishing email as an attachment to phishing@manchester.ac.uk

How to report a phishing email

The University is able to block many phishing emails before they get a chance to enter our network, and we have a good email filtering service in place. To keep our service up-to-date, staff and students are encouraged to report any potential phishing emails that arrive in your University mailbox.

It's quick and easy to report a phishing email and it should take you no longer than 10 seconds. Remember not to click any links or open any attachments in the email.

Option 1: Using Microsoft Outlook:

  1. Select the suspected phishing message
  2. Click “More” (next to the “Forward” button) and select “Forward as attachment”
  3. In the new message window that pops up, send the email to phishing@manchester.ac.uk

Option 2: Using Outlook on the web (on a computer, not a mobile):

  1. Click "New Message"
  2. Hold the mouse button down on the phishing mail in your list of emails, and drag it to the message area of the new message.
  3. When the phishing message has been attached, send the email to phishing@manchester.ac.uk

Option 3: Outlook for Mac

  1. In your main Outlook window, right click the message in your message list.
  2. Choose "Forward Special > As Attachment"
  3. Address the email to phishing@manchester.ac.uk and select "Send"

Option 4: Mozilla Thunderbird

  1. Select the message or messages you want to forward.
  2. From the menu bar at the top of the screen, choose "Message > Forward As… > Attachment"
  3. The message should appear in the attachment box in a new message. Type phishing@manchester.ac.uk and select "Send"

Phishing awareness training

To help yourself stay safe online, we strongly encourage you to take a few minutes and complete our phishing awareness training. The online course involves watching a short video, reading the training tips and taking part in a short quiz and test of your knowledge.