A number of schools and organisations are experiencing an increase in the volume of scam/phishing emails being received. These emails are designed to steal your personal data, login information or for monetary gain. These emails if acted upon can;

  • cause a data protection breach which may be reportable to the ICO
  • increase the security risk
  • leave the recipient, school or Trust at a financial loss.

If you have followed and submitted any information requested by a spam or phishing email please contact IT Support as soon as possible.

Spotting spam and phishing emails

Often it is easy to spot a scam or phishing email as they contain common characteristics such as:

The sender’s address does not tally with the organisation’s website or is new/different from previous emails

Tip: Look at the email address of the sender not just the name

The above example shows an email from Sharon Mosley at the Westmount Day School. However upon closer inspection you can see her email address neither relates to Sharon or the school.

This is a common trick designed to trick you into thinking the email is from someone else.

The greeting is impersonal

Phishing emails typically use generic salutations such as “Dear valued member,” “Dear account holder,” “Dear customer,” or “Dear {Surname}”.

Corporate branding is different from previous genuine emails

Phishing/scam emails often try to copy the format of official emails to trick you in believing they are genuine. It may be difficult at times to distinguish based on appearance alone if an email is fake. However you can do this by asking:

  • Are they using their normal font/size or does this change throughout the email?
  • Is it consistent with previous messages I’ve received from this person/company?
They contain spelling and grammatical errors

Tip: Look for grammatical mistakes, not spelling mistakes

A phishing email claiming that there has been "unusual sign-in activity"

In the above example, no individual word is spelt incorrectly, but the message is full of grammatical errors that a native speaker wouldn’t make, such as “We detected something unusual to use an application”.

Any supposedly official message that’s written this way is almost certainly a scam.

That’s not to say any email with a mistake in it is a scam. Everyone makes typos from time to time, especially when they’re in a hurry.

It’s therefore the recipient’s responsibility to look at the context of the error and determine whether it’s a clue to something more sinister. You can do this by asking:

  • Is it a common sign of a typo (like hitting an adjacent key)?
  • Is it a mistake a native speaker shouldn’t make (grammatical incoherence, words used in the wrong context)?
  • Is this email a template, which should have been crafted and copy-edited?
  • Is it consistent with previous messages I’ve received from this person?
You weren’t expecting an email from them

If you weren’t expecting an attachment or email from the sender this may be a sign of scam/phishing email.

A good example of this would be an email informing you that you have won the lottery (I’m sure we have all had one), the only thing is you didn’t enter any lottery.

There is a link to enter further details, which can include your username and password and/or banking information. The link itself takes you to an unknown website

Tip: Check where links/buttons go before clicking on them

You can spot a suspicious link if the destination address doesn’t match the context of the rest of the email.

For example, if you receive an email from Netflix, you would expect the link to direct you towards an address that begins ‘netflix.com’.

Unfortunately, many legitimate and scam/phishing emails hide the destination address in a button, so it’s not immediately apparent where the link goes to.

A phishing email imitating Netflix

In this example, you might click the link without giving it a second thought. You can check where links go before opening them by:

  • On a computer, hover your mouse over the link, and the destination address appears in a small bar along the bottom of the browser or next to the mouse cursor.
  • On a mobile device, hold down on the link and a pop-up will appear containing the link.
Trying to rush you into performing an action

Often phishing/scam emails will cause stress and panic by introducing a sense of urgency often use phrases such as “Your account will be disabled,” “Security Breach,” “Needs prompt payment,” “Act now” or “Action Required.”

What should you do is you receive a suspicious email?

  • Delete the message and/or report it as phishing/spam (Outlook on the web only)
  • If you are unsure; do not act and contact IT Support
  • Do not click any links contained within the email.
  • Do not reply
  • Do not enter your username or password or other personal data, if requested
  • Do not download or open any accompanying attachments

Could you spot a phishing/scam email?

Take a quiz to test and test your knowledge at https://phishingquiz.withgoogle.com/