Navigate Up
Sign In
Skip Navigation LinksHome > infosec > Phishing


 What is Phishing?

​​Phishing is a method used by criminals to steal your money

The criminal contacts you by email, phone call, text message, or some other kind of electronic communication.
They pretend to be a person or organization that you will trust. They might say they are a bank, an online store, a big company like Google or Microsoft, the police, or a member of the University. They might even pretend to be IT Services.

They will try to persuade you to send them money, or to give up personal information that they can use to steal your identity.
To get your personal information they might ask you to confirm your details, or send you to a fake login page, or ask you to open a document that contains malware.


If you think you might have fallen for a phishing attempt, then please
get in touch with the IT Service Desk straight away.

 10 ways to avoid being phished

  1. ​Always take a minute to look at a message and check for the red flags listed on the right. 
  2. If you don't think a message is genuine, delete it.
  3. Don't open attachments or follow links unless sure a message is genuine.
  4. If in doubt, contact the sender to confirm if it is real. (Don't trust contact information in the suspect message.)
  5. Or, if still in doubt, you can always contact the IT Service Desk for advice.
  6. Remember that phishers don't just use email - they'll use SMS text messages, phone calls, and social media messaging.
  7. If someone rings  claiming to be from Microsoft, Dell, or similar, and says they've found a problem on your machine - it's a scam.
  8. If you open a Word document from an email and it asks you to "enable content" or "enable editing" then be very suspicious - it might be trying to run malware.
  9. Normally, when you log onto Office365 you are taken to the UWL Portal login page to enter your password. If a link takes you to some other page to log on, then be very suspicious.
  10. Use your UWL email address just for work, and your personal email address for everything else. Then, if you get an email from "Amazon" at your UWL address, you'll know it is fake.

 Phishing Red Flags


Click on the five red flags to learn more.

Is this someone you've ever spoken to before? Is it a company or person you normally do business with? 

And even if it is someone you know, is this mail something you would expect from them? 

Watch out as well for messages that appear to have been sent to you in error, but have interesting sounding content. They might be a trap - so if a message is not for you, delete it straight away.

​ ​​​​​​​​​​



 Useful Links


Remember, if you think you might have fallen for a phishing attempt, then get in touch with the IT Service Desk straight away!
  • You can also contact the IT Service Desk for general advice and help with phishing.
  • To learn more about phishing and other information security threats, check out our online Information Security Training course.
  • Get Safe Online is a public/private sector partnership that gives easy-to-follow advice about all sorts of online threats, including phishing.
  • Action Fraud is the UK's national fraud and cyber crime reporting centre. You can report phishing emails there. You can also report emails as phishing in Outlook Online. Just click the arrow next to Junk in the Toolbar to see an option to report the email.