Phishing email: Undelivered Mail
UoDIT is aware of more phishing emails being received by staff at the University.
Example Email below:
Dundee server detected your [username]@dundee.ac.uk email have (14) undelivered mails since the 16th of December 2017, which are awaiting your approval to be delivered.
Be aware that this should fix any mailbox malfunctions, kindly ask you to follow instructions as below.
* Move pending messagesnfrom Server to Inbox
* Review pending messagenwith Dundee Cloud server
Further messages might not be delivered if any of the above actions are not performed.
Please remain vigilant and please do not click any links in these emails and do not interact with the email if you have received it and delete from your inbox immediately.
Did you click?
- If you have supplied your credentials or personal information, change your password immediately.
- If the device you used when interacting with it is University-owned (i.e. a Student / Staff Desktop), please contact the IT Service Desk for advice.
- If the device you used when interacting with it is your own (i.e. a personal device), we advise that you run an anti-malware software from a reputable source and perform a scan on your device yourself.
The most common phishing attack method is by emails. These authentic-looking messages, usually called phishing scams, are designed to exploit information from the recipients; either by asking them to reply to an email message or by clicking on a link/attachment within the email.
These emails cannot corrupt your device on its own, you have to interact with it. Think:
- When you receive an email to your University account, consider if you were expecting correspondence on that topic, from that recipient. If you weren’t, and the message is calling for you to act either by sending information, clicking on an active link, or downloading an attachment, first ask the IT Service Desk to confirm its legitimacy.
- Never tick/check enable macros on attachments, unless you explicitly need to and trust the sender.
- Don’t run a program if you don’t know where it has come from and you have not chosen to install it yourself
- Do not provide your username and password, especially if you have any concern over the legitimacy of an email
Further advice can be found on the Information Security website section.
UoD IT staff are available 09:00-22:00 Mon-Fri and 10:00-22:00 Sat-Sun. Please log a call for assistance via Help4U if you have any concerns.