Manchester Metropolitan University

Call IT Support Email IT Support

How to spot malicious emails

In the light of recent global ransomware email attacks, here are a few steps to follow to help protect yourself and the University

You may have seen recent reports of an attack against IT systems in the NHS and other organisations. This appears not to have been targeted against that sector, or even the UK, but is a traditional opportunistic global attack: it relies on an underlying security vulnerability, but requires user interaction. This means that everyone using IT systems – both at Manchester Metropolitan systems and at home – need to be vigilant and continue to play your role in keeping our systems secure.

The following advice is always relevant, but especially so in the light of the current attack.

While the method of delivery for this and other attacks can vary, staff need to be aware that emails are potentially fraudulent, and to not click on any links unless absolutely sure of the email source.

Some general advice on identifying and handling malicious emails:

  • Sender: Were you expecting this email? Not recognising the sender isn’t necessarily cause for concern but look carefully at the sender’s name – does it sound legitimate, or is it trying to mimic something you are familiar with?
  • Subject line: Often alarmist, hoping to scare the reader into an action without much thought - may use excessive punctuation
  • Logo: The logo may be of a low quality if the attacker has simply cut and pasted it from a website - is it even a genuine company?
  • Dear You: Be wary of emails that refer to you by generic names, or in a way you find unusual, such as the first part of your email address. Don’t forget: your actual name may be inferred by your email address
  • The body: Look out for bad grammar or spelling errors but bear in mind that modern phishing looks a lot better than it used to - many phishing campaigns originate from non-English speaking countries but are written in English in order to target a wider global audience and so word-choice may be odd or sound disjointed
  • The hyperlink/attachment: The whole email is designed to impress on you the importance of clicking this link or attachment right now. Even if the link looks genuine, hover your mouse over it to reveal the true link. It may provide a clue that this is not a genuine email. If you are still unsure, do not click the link
  • Signature block: The signature block may be a generic design or a copy from the real company.

Please immediately report any concerns you have to the IT Helpline on 0161 247 4646

The best defence for you home computer against this sort of attack is to ensure that you apply security patches when they become available, and to run an up-to-date anti-virus programme.

Next Story Upgrading our datacentres - Tuesday 16 May
Previous Story Upgrade to IT system Thursday 4 May
About Us