Cyber Security - Phishing
Fri, 24 Apr 2020

Phishing is a type of attack that is used in an attempt to obtain valuable information by disguising as a trustworthy organisation. An email or message is usually sent asking for you to click on an unsuspecting malicious link, to open an infected email attachment or to share your password.

They often appear to have been sent from a legitimate organisation or person by adding logos of your bank or by forging email addresses.

For a phishing attack to work, a cyber-criminal needs to trick you into doing something like clicking on a link within an email.

Here is a list of common phishing email tell-tale signs:

  • Forceful or faked urgency - demanding immediate action
  • Offer a prize reward - something that is too good to be true
  • Requesting information such as passwords, credit card number or other confidential data for security purposes - ICT Services will never ask for this via email
  • A generic salutation like 'Dear Customer'
  • Poor grammar or spelling
  • Uses a personal email address like @gmail.com
  • Use 'marked' links that look like a trusted website address but takes you somewhere else when you click on it

Top Tip - hovering over the link within the email should display the actual address.

If you receive a suspicious email from an organisation, even one that you regularly use, you should not click on any of the links within the email. Instead, you should either contact the company direct or manually type in their web address to get to their website.

Any suspicious emails should be forwarded to spam.reporting@eastriding.gov.uk and then deleted.

For more information please see the ICT Security Intranet Page.


Share your views

Whether you like this new page or there's something not quite right - please let us know!