What is Phishing, and what can I do about it?

Duration: 4 mins 18 secs


About this item
Description: A four minute animation helping you understand the nature of phishing emails and how to mitigate against them.
 
Created: 2017-05-10 15:30
Collection: Cyber Security
Publisher: University of Cambridge
Copyright: University of Cambridge
Language: eng (English)
Keywords: phishing; email; cyber security; safety online;
Transcript:
What is phishing, and what can I do about it?
Phishing is an attempt to extract your passwords, your personal data or University sensitive information, that is then used for criminal purposes.
These scammers use email, social media, phone calls, or face to face methods to phish for information.
Phishing is becoming more and more likely each day. It is estimated that in the University, there are around 1000 attacks an hour.
These scam emails attempt to trick you into clicking on a link that takes you to a malicious web site, or opening an attachment that installs a virus.
In March 2017, a scam email was sent to Cambridge users. Its aim was to trick people into entering their login information.
A link in the email went to a mock-up of a Raven login page.
Unfortunately, a surprisingly large number of people clicked it and gave away their password.
Only a few hours later, scammers logged on to one of these accounts and used it to send more scam emails. NEVER log in to Raven via a link in an email.
So how do you recognise a scam email? Some are easy to spot: they offer you something "too good to be true" or inform you that you have won an academic prize; they may state that you have been given a bursary or extra grant funding.
Delete them. Don't reply to this type of message and DON'T go to any link they include.
However, you are more likely to click on a malicious link if you are expecting invoices or shipping notifications. In these cases be particularly vigilant.
But what if you are unsure? Take an example from Mags, a Cambridge user.
Mags received an email attempting to get her to click on a link. But Mags was suspicious.
Instead she reported the incident to us. If Mags had clicked the link, a virus would have been installed on her computer.
Well done Mags, and THANK YOU. We want to know about ANYTHING that looks suspicious!
But how do you know if a link in an email is legitimate?
Hovering your mouse over the link can reveal the scammer's fake link.
Also, look to see if the link in the browser's title bar shows a suspect or bogus link.
What else should you look for? If you see an email from an address like this, it is highly likely to be a phishing scam. There are only a handful of University ROLE addresses ending “@cam.ac.uk”.
This is the actual address for HR: HR.Enquiries@admin.cam.ac.uk
If you are unsure, view the genuine @cam addresses by looking in the UIS help pages. https://help.uis.cam.ac.uk/role-addresses
These scam emails sometimes appear to originate from an @cam sender, but they don't.
You can check for valid Cambridge users by searching the University Lookup directory.
These days it is important to take much more care before responding to an email. If anything looks suspicious, rather than clicking an email link, consider going directly to the web site.
Or give the sender a ring to make sure that it is a genuine request.
If you think you have been deceived in any way, contact the UIS service desk, your local IT support or Computer Officer and change your password immediately if you are advised to do so.
STOP! THINK! Before you CLICK!
