Skip to main content Skip to navigation

Information and Digital Group (IDG)

How to Protect Yourself from Phishing Scams and Spam

Introduction

Phishing emails are fraudulent messages that scammers use to steal your personal information or money. They often pretend to be from trusted sources, such as your bank, a university, or a well-known online retailer. A typical example might say "Dear customer, please click this link and fill in your account details or we will deactivate your account."

Who is this article for?

This article is helpful for all University of Warwick staff and students.

Need more help?

If you have followed these steps and you need further support, please contact us:

Visit IDG’s Service Portal

Phone +44 (0) 2476 573737 or ext. 73737 (internally)

The ServiceDesk is available 24 hours a day, 7 days a week

Last revised: 30/08/24

How to Spot Phishing Emails

Look out for these red flags that indicate a potential phishing email:

  • Generic greetings: Emails lacking your name, instead using "Dear customer" or "Dear colleague".

  • Spelling & grammar errors: Poorly written emails with mistakes are common in phishing attempts.
  • Sense of Urgency: Watch out for language meant to scare you into acting quickly, like "Act now or your account will be deleted!".
  • Suspicious attachments: Be very cautious about opening attachments from unknown senders. They may contain malware.
  • Exciting offers: Don't fall for the "You've won our lottery!" trick. If it seems too good to be true, it probably is.
  • Dodgy links: Hover over links (don't click!) to see where they actually lead. Watch out for misspellings like www.amaz0n.co.uk or addresses using non-standard characters. Be safe and type known website addresses directly into your browser.

Important Reminders

  • Your bank or University will never: Ask you to confirm account details via email or telephone.
  • Ignore requests for bank details: Treat any email asking for your bank information as fraudulent.

Tips for Staying Safe

  1. Think twice before clicking: Be cautious if you receive an unexpected file or link in an email, even if it seems to be from someone you know.
  2. Contact the Service Desk: If you're unsure, contact the IDG Service Desk for assistance.

Understanding spam

Spam refers to unsolicited bulk emails, usually trying to sell something. It clutters inboxes and can sometimes pose security risks.

Measures to reduce spam implemented by IDG

As a distinctly visible target for spammers, the University has taken several measures to counteract the volume we receive. These include:

  • Blacklisting: Blocking known spam senders.
  • Address verification: Checking the legitimacy of the sender's email address.
  • Content filtering: Scanning emails for spam-like phrases.

We assign each email a score after checking it against all our rules. If the score is too high, we mark it as spam. Unfortunately, we can’t be too strict, otherwise, we risk blocking genuine emails, so some spam will always slip through.

What You Can Do

  • Be selective when sharing your email: Use caution when registering on websites. Consider creating a separate "throwaway" email address for less-trusted sites. If you need to register, but you’re not sure of the site, you can register with spam@warwick.ac.uk. You won’t be able to access any emails that go there, but it’s a valid address if you’re concerned.
  • Minimise public email listings: If you list your email publicly, try disguising it (you can enter it as firstname.surname@warwick.ac.uk) to confuse automated email harvesting tools.
  • Avoid read receipts: These can inadvertently confirm your email address to spammers.
  • Utilise email filters: Use your email provider's built-in tools to filter and block spam based on keywords, phrases or senders.