Spam (phishing emails)

Sadly, there are people in the world who have chosen to make their living harvesting data from unsuspecting users by sending them fraudulent emails with fake links in them. Those links usually lead to a venue where one can give away one's credentials or other sensitive data by filling out a form that often looks quite bona fide. The fake emails are called "phishing" emails. When you put your information into those forms, it is said you have been "phished." Consequences of getting phished can include any of the following, and more:

  • your account gets locked out because your email account is used to send out large quantities of spam to other people
  • your sensitive data is used to steal your identity and set up e.g. credit cards in your name

Primary ways you can avoid getting phished | How to report a phishing email | More information

Primary ways you can avoid getting phished

  • use a spam filter (which most mail services have built-in - UW is currently transitioning to a Cisco spam filtering product from Proofpoint)
  • be vigilant
    • hover over links in emails before you click to make sure you're going where you think you are
    • copy addresses and paste them into the address bar instead of clicking on links in emails
    • watch for obvious spelling/grammatical mistakes in otherwise official-looking emails
    • ask a known real person from the source organization if an email is actually genuine
      • e.g. ask Kate if the email requesting that you provide your existing email credentials is real (Note: a real IT person would never ask for your domain credentials!!)
      • e.g. ask IT support or a relevant related contact at the institution that appears to be the source of an email if an email is genuine
  • set up and use two factor authentication (2FA)

How to report a phishing email

Forward the suspicious email as an attachment to soc@uwaterloo.ca, with the internet headers in the body of the email.

Outlook Windows desktop client

  • Open the suspicious message ("message A") in a separate window by double-clicking it
  • In the top left corner of the "message A" window click "File" then click "Properties"
  • Find the "Internet Headers" box, select all (Ctrl-A) then copy (Ctrl-C)
  • Close the "Properties" panel
  • In the top right-click the "More Commands (...)" button then in the dropdown menu select "Forward as an attachment"
    • this will create a new message ("message B") with the suspicious message attached to it
      • paste (Ctrl-V) the internet headers into the body of "message B"
      • send message B (with "message A" attached) to soc@uwaterloo.ca
        • Note: a real person will read message B. If you have comments you would like to include, you can put them in message B above the headers

Outlook (new Windows desktop client and web app):

  • Open the suspicious message ("message A") in a new window by double-clicking it
  • Click the "More Actions (...)" button located to the right of the "Forward(->)" button in the message window
  • In the "More Actions (...)" menu, hover over "View" then in the drop-down menu select "View message details"
  • Highlight all of the "Message details" pane and copy (Ctrl-C)
  • Close the "Message details" and message window
  • Click the blue "New message" button to create a new email "message B"
    • Paste (Ctrl-V) the message details of "message A" into the body of "message B"
    • Click and drag "message A" from your inbox list into the body of "message B"  to add as an attachment
    • Send message B (with "message A" attached) to soc@uwaterloo.ca
      • Note: a real person will read message B. If you have comments you would like to include, you can put them in message B above the headers

Outlook Mac desktop client

  • Hold "Control" on your keyboard and click on the suspicious message ("message A") in your inbox
  • Near the bottom of the drop-down menu select "View Source"
  • In the message source window, select all (Cmd-A) then copy (Cmd-C)
  • Close the message source window and select the desired message in your inbox by clicking it
  • In the top toolbar, under the "Home" tab click "Forward this message as attachment"
    • this will create a new message ("message B") with the suspicious message attached to it
      • paste (Cmd-V) the headers into the body of "message B"
      • send message B (with "message A" attached) to soc@uwaterloo.ca
        • Note: a real person will read message B. If you have comments you would like to include, you can put them in message B above the headers

More information

IST - Email security resources

IST - Identify suspicious email