Skip navigation

University College Dublin Logo
SEARCH UCD


UCD CONNECT LOG IN
 

Top Support Topics

  1. UCD Connect
  2. Blackboard (Elearning)
  3. Printing
  4. New to UCD

A-Z Catalogue

Contact Us

Contact Us

 ithelpdesk@ucd.ie

 01 7162700

 IT Centres

<< Back to IT Support home

 

What is Phishing?

Last Updated: 08/12/08

This page describes phishing and related techniques to identify potentially fraudulent emails and websites.

Phishing is the use of fake email and websites to trick a user into supplying confidential or personal information. These emails appear to be from a reputable organisation and would have a link to a replica website for that organisation. Any details entered (bank account details for instance) into such a website are stolen by those who created the website.

No institution will ever send an email requesting login details. In the unlikely event that you do receive an email from a financial institution requesting such details, contact them directly via your statement contact details (not the ones in the email) to check prior to responding. In general, any email requesting personal details it is not to be trusted. If you receive such an email, contact the sender directly to confirm the request and do not reply to the email.

Phishing websites look and feel exactly like the real Websites they imitate. In order to determine whether a site you are directed to is real, check to see whether it has a valid and correct certificate. If it is a website you use frequently, use a bookmark to access the site rather than any email supplied link.

As a rule of thumb, phishing requests are characterised by:

  • They seem to come from a recognisable source but they use external addresses for replies.
  • They mention familiar names or roles- e.g. the Registrar or CIO.
  • They contain urgent and immediate requests for action (respond today!). These are designed to influence users to comply rather than consider requests.
  • They threaten consequences for non-compliance (your account will be disabled etc.

These emails and sites exist because they work. Many people, even those who know better, can be distracted or even accidentally comply with the requests in these emails. Should this arise, it is very important you contact the service or IT Services to report the matter, and change your account passwords immediately.

Other articles you might be interested in

To get a pdf version of this document click here