Identifying and preventing Spam and Phishing emails
Last Updated: 05/02/15
Information on what spam is and how to prevent it
Check who it’s from:
Spam will almost always come from an unrecognized sender, often with odd email addresses. That doesn’t mean that all spam comes from unrecognized email address, they may appear to come from someone in College as email addresses can be forged easily.
Beware that they may copy content such as logos and images used on legitimate websites to make the email look genuine.
Look for links:
They may contain hyperlinks that will redirect you to a fraudulent website instead of the genuine links that are displayed. If you see a link in a suspicious email message, don’t click on it. The entire purpose of spam is to get you to click a link. Rest your mouse (but don’t click) on the link to see if the address matches the link typed in the message.
Check the language in the message
They may use language like ‘important notice’, ‘urgent update’ , ‘alert’ , ‘violation’, or ‘ winner’ with a deceptive subject line to persuade you that the email has come from a trusted source. They may contain messages that use threatening language, stating that your account will be disabled if you do not act. Any message that asks for your username, password, is never real (all legitimate websites have automated password reset programs).
Check the spelling:
Spam often contains misspellings and oddly-worded sentences. This can include bizarre capitalization and weird punctuation.
Look for attachments:
Malware and viruses are often disguised as email attachments. Never download an attachment from a sender that you do not trust or were not expecting.
Don't give out your email address online:
“Robots” (scripts created to scrape websites for addresses) can quickly gather thousands of emails at a time from websites where the email addresses are made public.
Use disposable email addresses to identify and shake off sources of spam:
Have one main account, and then make a separate account for different purposes (one for friends, one for entertainment sites, one for your financial websites, etc.).
In gmail, you can add a "+" button to your email address. For example, you can signup for newsletters like JohnDoe+Newsletters@gmail.com if your email address is JohnDoe@gmail.com
Set all those addresses to forward the mail to your main account so that you do not have to check multiple accounts.
If you start receiving spam through one of your alternates, you can trace it to one of your disposable addresses and simply delete that account.
Never respond to Spam or Phishing:
Replying or clicking the “Unsubscribe” link will only generate more spam, because they now know that the email address is valid. It is best to report and delete the spam using the steps in the section below.
Blocking and Reporting Spam or Phishing
Block and report spam in Gmail:
Most spam is automatically detected and placed in your Spam folder, where it will be deleted after 30 days. If you receive a message in your inbox that you believe is spam do the following:
- Check the box next to it and click the “Report Spam” button in the top.
If you do this accidentally, you can click the Undo link at the top of the page to recover it.
If there is a message in your Spam folder that is a legitimate email, check it and click the “Not spam” button. Ensure that it is truly a legitimate email before doing this.
Block spam in Outlook:
Outlook comes installed with a Junk Filter which is set to Low protection. This will catch most obvious spam and direct it to the Junk folder. You can increase the strength of the filter by doing the following:
- Click the Home tab and then click Junk.
- Select “Junk E-mail Options”.
- Click the Options tab and set the filter to the strength you want.
Each level of filter strength is explained. Setting it to High may move legitimate emails to your Junk folder, so be sure to check it periodically.
What do I do if I think I have responded to a phishing email in UCD?
If you have replied to a Spam/phishing message or clicked on any links within the email body and entered your UCD username and password please immediately change your password and report this to the IT Helpdesk (+353 01 716 2700) or email firstname.lastname@example.org
UCD IT Services will never ever ask for your username and password via email and you can confirm any communications from us with the IT Helpdesk.