About fraudulent communications

Cybercriminals will often use fraudulent communications to trick unsuspecting users into sending them their confidential data.

Examples of fraudulent communications seen by the University include:

  • Phishing
  • Vishing
  • SMiShing.

Phishing

Phishing is a form of fraud that includes malicious emails.

They are designed to gain personal information and may appear to come from a genuine source, such as a streaming service, your bank, retailers like Amazon or someone you may know.

Emails often include links to bogus websites or attachments, which appear to be normal files (for example, Word, Excel or PDF) and are harmful.

An email with a fishing hook through it.

How to spot Phishing

IT Services have technical controls in place to filter out spam before it reaches your inbox, but Phishing techniques change and some will inevitably get through.

  • Check who sent you the email.
    Be particularly suspicious of emails asking for personal or financial information.
  • Hover over any links to see where they will take you.
  • Check the quality of emails.
    Misspelling, poor punctuation and bad grammar are tell-tale signs of phishing.
  • Urgency.
    Phishing emails will often have a sense of urgency as a social engineering technique.
  • Never respond to any email which asks for your account details or requests you to make a payment.

IT Services will never send you an email asking you to confirm your password.

Examples of Phishing

Blue button Phishing email

A screenshot of a blue button phishing email. From: a valid UWE or other contact address. To: your email address. Subject: Re: Invitation to take part in a research project - online survey. Warning message: If there are problems with how this message is displayed, click here to view it in a web browser. Body text: For: User Name, [blue button] 'Read Live Message'  13:54:59  Re: Invitation to take part in a research project - online survey  Take action before Friday

Signs that it is a phishing attack:

A screenshot of the same email with phishing signs highlighted as follows: The sender will be someone you've had contact with previously; The subject may relate to something you have been working on; The body text will contact a blue/green button; Hovering over the link reveals a suspicious unknown web address; No UWE specific user information, such as contact details or signature.

Fake warning from IT

A screenshot of a fake warning from IT. From: ithelp@uwe.ac.uk. Subject: Help desk. Body text: Your webmail quota has exceeded the storage limit which is 20GB as set by your administrator, You are currently running on 20.9GB.  You may not be able to send or receive new mail until you re-validate your mailbox. To revalidate your mailbox please click the link below: Click here.  Help desk.

Signs that it is a phishing attack:

A screenshot of the same email with phishing signs highlighted as follows: Non-existent sender address, this email address does not appear in the Outlook address list; No personal greeting; Request to revalidate or confirm account details; No UWE specific information, such as ITS contact details or signature; Hovering over the link reveals a suspicious unknown web address (http://tinyurl.com/6emzvy3).

An email containing an infected document

A screenshot of an email containing an infected document. From: Clare Harding [purchasing@carterspackaging.com]. To: user.name@uwe.ac.uk. Subject: FW: Purchase Order 0000035394 customer 09221. Attachment: Purchase Order 0000035394.docx. Body text: Dear customer, Please find attached a copy of our order (reference 0000035394), your reference. If you have any questions regarding the purchase order please contact us using the details below. Clare Harding, Purchasing Manager, Casters Packaging Ltd, Packaging House, Wilson Way, Pool, Redruth, Cornwall, TR15 3RT. Fax: +44 (0) 1209 315 600. www.carterspackaging.com, purchasing@carterspackaging.com

Signs that it is a phishing attack:

A screenshot of the same email with phishing signs highlighted as follows: Sender is a real company; An internet search reveals that they were the victim of a cyberattack that took control of their email systems; Malware can spread through infected office documents; Non-specific greetings; References to unknown financial transaction involving unfamiliar companies.

A document emailed from a government organisation

Screenshot of a document emailed from government organisation. From:gateway.confirmation@gateway.gov.uk. To: user.name@uwe.ac.uk. Subject: Your Online Submission for Reference 475/RA2949502 Could not process. Attachment: GB3370106.zip { Contains: GB3370106.pdf.scr}. Body text: WE could not process your Full Payment Submission. The submission for reference 475/RA2949502 was successfully received and was not processed. Check attached copy for more information. This is an automatically generated email. Please do not reply as the email address is not monitored for received mail.

Signs that it is a phishing attack:

A screenshot of the same email with signs of phishing highlighted: Email supposedly from government address to a work account; Poor grammar; File disguised as PDF but is actually an executable program; No personalised greeting and unprofessional structure; Reference to unknown financial transaction.

A document emailed form a UWE Bristol staff account

A screenshot of a document emailed from a UWE Bristol staff account. From: other.name@uwe.ac.uk. To: user.name@uwe.ac.uk. Subject: Your documen. Attachment: Document7912.zip { Contains: document7912.exe }. Body text: To view your document, please open attachment.

Signs that it is a phishing attack:

A screenshot of the same email with signs of phishing highlighted as follows: Poor grammar; File name as a document but is actually an executable program; No personalised greeting or explanation of attachment; No UWE specific user information, such as contact details or signature.

Vishing

Vishing or Voice Phishing is a type of fraudulent activity where criminals attempt to persuade victims to hand over personal details or transfer money over the phone.

Never give personal information (for example, passwords, banking details, credit cards details) over the phone to someone who has called you.

If you do receive such a call or you are in any doubt about the authenticity of the call, simply hang up. You can always phone the organisation back using a number from a verified source.

An image of a phone with an call from a thief.

How to spot Vishing

Information: The criminals might not be very convincing and may know nothing about you. Alternatively, they could already have some information on you such as your name, address or phone number, but need a little bit more. This can create the impression that they seem very genuine.

Urgency: If you receive a call you will inevitably find that you will be hurried into providing them with the information that they need. They will do this to panic individuals in the hope you hand over your information without being able to think it through too much. Fear often leads people into acting without thinking.

Phone spoofing: This is when a phone number appears to be coming from a genuine source (for example, your bank or credit card company). This is a technique used by cybercriminals to hide their identity.

Remember, if you are in any doubt simply hang up and contact the organisation using a number from a verified source.

SMiShing

SMiShing or SMS Phishing is where text messages are sent trying to encourage people to pay money out or click on suspicious links.

Sometimes attackers will try to get victims to call them by sending a text message with a specific number, with the intention to persuade them further.

An image of a phone with a text from a thief.

How to spot SMiShing

Unsolicited text messages from unknown numbers should raise alarm bells. If you are in any doubt:

  • delete the message
  • contact the organisation using details from an alternative verified source (for example, company website).

You may also be interested in