UoDIT is aware of more phishing emails being received by staff at the University.
Example Email below:
Subject: Overdue Invoice – Urgent
Attached is your Avfuel Overdue Invoice. If you have any questions, do not reply to this email – instead, contact Avfuel at 800-521-7806.
Download your invoice online Download Invoice
Thank you for being an Avfuel customer!
Global Supplier of Aviation Fuel and Services
To make sure you keep getting these emails, please add firstname.lastname@example.org to your address book or whitelist us.
Want to stop receiving mails to this list Unsubscribe or if you want to stop getting all communication from us Unsubscribe All.
Our postal address: HQ San Francisco, California, United States
Please remain vigilant and please do not click any links in these emails and do not interact with the email if you have received it and delete from your inbox immediately.
Did you click?
- If you have supplied your credentials or personal information, change your password immediately.
- If the device you used when interacting with it is University-owned (i.e. a Student / Staff Desktop), please contact the IT Service Desk for advice.
- If the device you used when interacting with it is your own (i.e. a personal device), we advise that you run an anti-malware software from a reputable source and perform a scan on your device yourself.
The most common phishing attack method is by emails. These authentic-looking messages, usually called phishing scams, are designed to exploit information from the recipients; either by asking them to reply to an email message or by clicking on a link/attachment within the email.
These emails cannot corrupt your device on its own, you have to interact with it. Think:
- When you receive an email to your University account, consider if you were expecting correspondence on that topic, from that recipient. If you weren’t, and the message is calling for you to act either by sending information, clicking on an active link, or downloading an attachment, first ask the IT Service Desk to confirm its legitimacy.
- Never tick/check enable macros on attachments, unless you explicitly need to and trust the sender.
- Don’t run a program if you don’t know where it has come from and you have not chosen to install it yourself
- Do not provide your username and password, especially if you have any concern over the legitimacy of an email
Further advice can be found on the Information Security website section.
UoD IT staff are available 09:00-22:00 Mon-Fri and 10:00-22:00 Sat-Sun. Please log a call for assistance via Help4U if you have any concerns.