You can protect yourself from phishing attacks by first learning how to spot a phishing email. Typical warning signs include bad grammar, a demand for urgent action, and incomplete or fake contact details or information. Any of these can be a sign that something is wrong and alert you to a phishing attack. If you are ever unsure of an email, proceed with caution. Never click on any links or open any attachments in a suspicious email.

If you think that you have received a phishing email, you can report it by forwarding the email to phishing@nuigalway.ie so that our IT team can take the appropriate steps to block the email.

The examples below show typical phishing emails that would be sent to staff or students in NUI Galway:

Example 1: Validate Campus Account 

  1. ISS will never ask you to verify any of your information over email
  2. Asking you to go to an external link. You can check where this link will bring you by hovering over it. Here you can see that the address for this link has nothing to do with what it is pretending to be
  3. Incorrect sign-off, “NUI IT Helpdesk”. Our name is the “NUIG ISS Service Desk”

Example 2: Order Confirmation Invoice / Spoofing

  1. Spoofed email address: we can see that the display name does not match the email address
  2. Invoice or payment that you did not make, suspicious company name
  3. Asking you to go to a link with a suspicious name, or one you have never heard of before
  4. Spelling/Grammar mistakes, the sign off name is spelt incorrectly or has unrecognised characters

Example 3: Delete Email Account

  1. Suspicious email address
  2. Incorrect logo used
  3. Sense of Urgency, informing that account will be deleted within a certain amount of time
  4. Incorrect logo used again

Example 4: Invoice Attached 

  1. Suspicious email address
  2. Invoice or payment that you did not make, suspicious company name
  3. Asking to go to external link, the URL is suspicious 

Example 5: Email Storage Exceeded

  1. Unrecognised email address
  2. Sense of Urgency, informing that account will be deleted within a certain amount of time
  3. Asking to go to external link, when hovered over you can see that the URL is suspicious

Example 6: File Tax Return 

  1. Suspicious email address
  2. Sense of Urgency, asking for payment within a certain amount of time
  3. Asking to go to external link, when hovered over you can see that the URL is suspicious

Example 7: PayPal Payment

  1. Addresses you by email address instead of your actual first name and last name.
  2. Asking to go to external link, when hovered over you can see that the URL is suspicious

Example 8: Convincing Phishing Sites 

Some phishing attempts can be very convincing, so it is always important to check all key aspects before continuing. This site has a spoofed URL that has nothing to do with the site it imitates, which tells us that it is a phishing attempt.

Example 9: Revalidate Your Email Account

  1. Unusual and unrecognised email address. Email address doesn’t match with the sign off of the email, “Technical help desk”
  2. Information Solutions and Services (ISS) DO NOT and WILL NEVER request details of your password by email or ask you if your account is still in use via email. If you receive a message asking for your email account details, delete it without response.
  3. Email is signed off as “Technical help desk”. This is not a department of the college, our name is Information Solutions and Services (ISS).

Example 10: Request to Update Account Details 

  1. Information Solutions and Services (ISS) DO NOT and WILL NEVER request details of your password by email or ask you if your account is still in use via email. If you receive a message asking for your email account details, delete it without response.
  2. Email is signed off with “Office365 Edu.” Microsoft will also never request details of your password by email or ask you if your account is still in use via email. 

Hovering over the link reveals the URL, which in this case is not related to NUIG at all.

Example 11: Links Asking You to Log in 

  1. Information Solutions and Services (ISS) DO NOT and WILL NEVER request details of your password by email or ask you if your account is still in use via email. If you receive a message asking for your email account details, delete it without response.
  2. This message is also very vague and doesn't give many details. Be particularly wary of any emails that are vague or give very few details with just an external link. 

Hovering over the link reveals the URL, which in this case is not related to NUIG at all.

Example 11: Fake Login Screens 

1. The web browser's security indicator marks this website as "Not Secure". It is unsafe to browse any website that is not marked secure and you should never enter any credentials or passwords into a "Not Secure" website.

2. Looking at the website address we can clearly see that this is not an NUIG website. This is the easiest way to notice a fake website that is trying to disguise itself as a legitimate site.

Example 12: SharePoint Based Phishing Scam  


Suspicious Portal

1. We have seen examples of SharePoint being used as a vehicle to send phishing links. In this example, the mail has come from a legitimate Microsoft address (no-reply@sharepointonline.com) but the link contained within it points to an illegitimate site. 

2. Always hover over the link to see where it brings you before clicking on it.

3. In this case, the link brings us out to a fraudulent NUI Galway email login page.
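
The two checks that recur in the examples above (a display name that does not match the sender's address, and a link whose real destination differs from what the email shows) can also be run automatically on a saved message. The script below is an added example, not code from NUI Galway or ISS; the trusted domain list, the brand keywords and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = {"nuigalway.ie"}        # assumption: the organisation's own domain
BRANDS = ("nui galway", "nuig")   # assumption: names a spoofed display name borrows

class Links(HTMLParser):          # collects (href, visible text) for every <a href=...>
    def __init__(self):
        super().__init__()
        self.found, self.href, self.text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href"), ""
    def handle_data(self, data):
        if self.href is not None:
            self.text += data
    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            self.found.append((self.href, self.text.strip()))
            self.href = None

def host(url):                    # hostname of a URL or of bare "www.site.tld" text
    return (urlparse(url if "//" in url else "//" + url).hostname or "").lower()
def trusted(h):
    return any(h == d or h.endswith("." + d) for d in TRUSTED)

def check_message(raw):
    msg = message_from_string(raw, policy=policy.default)
    sender, flags = msg["From"].addresses[0], []
    # Display name claims the organisation, but the address domain is not ours
    if any(b in sender.display_name.lower() for b in BRANDS) and not trusted(sender.domain.lower()):
        flags.append(("display-name-mismatch", sender.domain.lower()))
    body = msg.get_body(preferencelist=("html",))
    parser = Links()
    parser.feed(body.get_content() if body else "")
    for href, text in parser.found:
        dest = host(href)         # what hovering over the link would reveal
        shown = host(text) if "." in text and " " not in text else ""
        if shown and shown != dest:
            flags.append(("link-text-mismatch", f"{shown} -> {dest}"))
        elif not trusted(dest):
            flags.append(("external-link", dest))
    return flags
# Constructed message (reserved .example domains), not a real phishing email
SAMPLE = ('From: "NUIG ISS Service Desk" <helpdesk@mail-support.example>\n'
          "Content-Type: text/html\n\n"
          '<a href="http://account-verify.example/nuig">https://www.nuigalway.ie/login</a>')
print(check_message(SAMPLE))
```

A message like the SharePoint example, sent from a legitimate address but linking elsewhere, passes the sender check and is caught only by the link check, which is why both are needed.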

Phishing Awareness - Top Tips

You may wish to display a poster in your area to raise awareness about phishing. The poster below has been provided by HEAnet.