Waves of phishing emails reach TU Delft every so often. Last week, university employees experienced the latest wave of emails asking people to click on malicious links. Employees sent hundreds of concerned reports of phishing emails to firstname.lastname@example.org last week. The ICT department usually receives only a few reports every day.
ICT also noticed a vast increase in the number of phishing emails stranded in the university’s spam filters, a spokeswoman says. “We are constantly updating these filters. Employees’ reports come in handy. They help us optimise our filters.”
Although employees seem to have responded correctly to the phishing emails and no damage seems to have been done, the ICT department has warned all employees, asking them to stay on their guard. Phishing emails are still coming in. Their number will eventually decrease, the spokeswoman expects. “These phishing attempts usually die out after a while, because the criminals behind them are preying on another organisation.”
Seven things you should know about phishing emails:
- The criminals behind phishing emails pretend to be government institutions, banks or companies and try to get you to click on links, fill in details, make payments or open malicious documents. Phishing emails are becoming increasingly more believable.
- Phishing emails often have a vague sender’s address or a close copy of a real company’s or government agency’s name.
- Be on your guard when you are addressed in general terms, such as ‘Dear sir or madam’ or ‘Dear customer’.
- Never just go ahead and click on links requesting to check, update or supplement your personal details. Check first.
- Read and examine suspicious emails well to see whether there are any discrepancies with earlier emails from the company or agency concerned.
- Links in phishing emails can install malware on your computer or send you to a fraudulent website. Never just click on a suspicious link. Always check the link’s address by using your mouse to place the cursor over the link – without actually clicking on it – and seeing what address appears.
- An attachment in a phishing email can install malware on your computer. Be especially suspicious of ZIP files. If you are expecting an attachment, contact the sender to ask precisely what has been sent and how.
If you receive a phishing email, send it as an attachment to email@example.com.