How to recognise and report phishing
Phishing is a form of digital fraud. Usually, e-mails, text messages or social media are used to ask for your login details, bank details or credit card information. Be alert as soon as you receive a message asking for 'something' from you.
- Never give out personal or financial information
- Do not contact the alleged sender to verify the authenticity of the e-mail
Want to know how to recognise phishing?
Check the sender
Move the cursor over the sender address. For touch screens: press on the sender address until a pop-up window appears.
- Be extra cautious if the sender address is unfamiliar or unexpected.
Take a good look at the domain name of the sender's e-mail address (the part after the @ sign). Known tricks: replacing a letter with a number (a u with a 4, an i with a 1, etc.), an inconspicuous spelling mistake, or extending a known e-mail domain with an extra component (for example: ru.nl becomes ru.nl.it).
However, even e-mail addresses you do know can send out phishing mails. Creating a fake sender address is not that difficult. Besides that, phishing mails can be sent from a mail account that has been hacked.
A displayed, known phone number is not necessarily correct. For cyber criminals, it is quite easy to send an SMS via any number.
Check the content
The times when phishing e-mails were poorly written and it was more than obvious that phishing was the purpose are long gone. A phishing e-mail is sometimes very difficult to recognise. Be extra alert in the following cases:
- Personal or financial information is requested;
- There is mention of time-sensitivity (“you have to respond quickly, or else...”);
- Fear (“if you don’t do this, then...”) or greed (“want to make a lot of money?”) are used as tools.
Check the links
On your Radboud email address:
Incoming e-mails to your Radboud account are checked by Proofpoint, so links will look different. You can read more about this in the Proofpoint guide - URL Rewriting.
On other email addresses:
Move the cursor over the link in the e-mail (do not click). For touch screens: press on the link until a pop-up window appears.
- Do you see a link to a completely different website than the e-mail suggests? If so, then you can be fairly sure that it is a phishing e-mail.
- Even if the link looks safe at first glance, it can still be a phishing e-mail. Known tricks: replacing a letter with a number (a u with a 4, an i with a 1, etc.), an inconspicuous spelling mistake, or adding an extra component (for example: ru.nl becomes ru.nl.it).
- When in doubt, it is safer to not click on the link in the e-mail, but to type the web address into the browser instead. That way, you will at least not end up on a different website than the one you intended.
- Do not be fooled by a website that looks professional: that does not mean you can trust it.
- Check a link by pressing it, copying it and pasting it somewhere else, in your notes for example, to see the full web address.
You can also enter the address at https://www.checkjelinkje.nl to check its reliability.
When you click or tap on a link in a phishing mail, a virus or ransomware can be installed on your PC or laptop. Make sure to keep good security software on private workstations.
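The look-alike tricks listed under "Check the sender" and "Check the links", written out as a small Python check. This is an added example, not part of Radboud's guidance or tooling; the function names and sample addresses are made up for illustration, and ru.nl is the domain the page itself uses.

```python
from urllib.parse import urlsplit

TRUSTED = "ru.nl"  # the domain this page uses in its examples
# Digit-for-letter swaps named on the page (4 for u, 1 for i); extend as needed.
DIGIT_SWAPS = str.maketrans({"4": "u", "1": "i"})

def host_of(value):
    """Return the lower-case host of an e-mail address, a URL or a bare host name."""
    value = value.strip().lower()
    if "://" in value:
        # urlsplit drops any "user@" part, so https://ru.nl@example.org -> example.org
        return (urlsplit(value).hostname or "").rstrip(".")
    return value.rsplit("@", 1)[-1].rstrip(".")

def edit_distance(a, b):
    """Levenshtein distance, used to spot an inconspicuous spelling mistake."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(value, trusted=TRUSTED):
    """Label a sender address or link target relative to the trusted domain."""
    host = host_of(value)
    labels, t = host.split("."), trusted.split(".")
    n = len(t)
    if host == trusted or host.endswith("." + trusted):
        return "trusted"
    # Extra component: the trusted labels appear, but not at the end (ru.nl.it).
    if any(labels[i:i + n] == t for i in range(len(labels) - n)):
        return "extra-component"
    # Assumption: compare only the last n labels, a rough stand-in for the
    # registered domain that is good enough for a same-shape look-alike.
    tail = ".".join(labels[-n:])
    if tail.translate(DIGIT_SWAPS) == trusted:
        return "digit-swap"
    if edit_distance(tail, trusted) == 1:
        return "typo"
    return "unrelated"

if __name__ == "__main__":
    # Constructed samples, not taken from real messages.
    for sample in ["helpdesk@ru.nl", "helpdesk@ru.nl.it", "info@r4.nl",
                   "info@ruu.nl", "https://ru.nl@example.org/login"]:
        print(f"{sample:35} {classify(sample)}")
```

A "trusted" result only says the domain matches; as the page notes, a sender address can be faked or sent from a hacked account.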
Check the attachments
Be cautious about opening attachments. They may contain a virus that installs itself on your device as soon as you open the attachment. You cannot tell whether the attachment is safe just by looking at it.
- Were you not expecting this e-mail? Do you know the sender? Is this an attachment you would expect from the sender? If the answer is no, it is often a sign of phishing.
- Make sure to keep good security software on private workstations. In some cases, you can still avoid damage if you open an attachment with a virus by accident. Radboud University staff members and students can use F-Secure for free.
If you suspect phishing
Report phishing whether you are in doubt or certain that you have received a phishing e-mail:
- In Outlook, simply use the 'Report Phish' button to report a phishing e-mail.
The email will be automatically checked by Proofpoint. If it is a phishing email, it will be removed from all RU mailboxes.
- Phishing via SMS/social media/e-mail (not Outlook) should be reported to the ICT Helpdesk.
Preferably send the email as an attachment. The ISC will ensure that this e-mail is removed from the Radboud mailbox of all recipients.
- If it is indeed phishing, you will see the message disappear from your mailbox (this may take a while).