I have received a phishing e-mail! What do I do?

If a suspicious e-mail appears to be from someone you know or work with, check with them to see if the message is legitimate. Do not reply to the email! That is asking for trouble! If it appears to be from someone you know, create a new email message to them, SMS, WhatsApp or call the person and ask if they sent you the mail. Do not forward the email, as that will just spread the potential phishing attack.

If the email claims to be from a company you use, like your bank, medical aid, couriers, or online retailer, go to their website and contact them from there. Once again, do not click any links in the email. Type in the website address yourself (or use your preferred search engine) and use their contact options to ask the company if they sent it out.

If it appears the e-mail was sent to a lot of people, such as communication about an online survey, contact the company or department and ask them directly to find out if they did sent out a communication to all customers.

There are four types of organization you can report phishing emails to:

• The university
• Your email provider (Like Google or Microsoft)
• A government agency
• The organization the email is allegedly from

Report it to the university.

If you receive a phishing email at your @SUN address, you should follow the university’s policy rather than doing anything else. Information Technology security policies require you to forward a phishing email to a specific address, fill out an online report, log a ticket, and merely delete it.

At the end of many phishing warning e-mails that we send out, there two methods that you can use to report phishing e-mails.

1. By reporting it on the ICT Partner Portal:

• Go to https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115
• Fill in your information and add the email as an attachment. Your request will automatically be logged on the system.​

2. By sending an email:​​

• Start up a new mail addressed to csirt@sun.ac.za.​​
• Use the Title “SPAM” (without quotes) in the Subject.​​
• With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the – New Mail.​​
• Send the mail.​​

Report it to your E-mail provider:

E-mail provider’s like Google have a process that you can follow to report phishing emails. The mechanism varies from provider to provider, but the intended result is the same. The more data the company has on phishing emails, the better it can design its junk filters to prevent scams from ending up in your mail box.

If Google or Microsoft provide your email account, they have a reporting mechanism built into their clients.
In Google, click the three dots next to the Reply option in the email, and then select “Report phishing.”

You definitely don’t want to get any more emails from the person who sent you this phishing e-mail. Mark it as spam or junk, and your email client will block any further mail from that address. There is a very good article on how to do this in Outlook on How-To Geek. Keep in mind that a phisher will usually use a number of e-mail addresses that they control to send out phishing e-mails. If you block abc@phisher.com, then only this address will be blocked and not def@phisher.com. To block the entire domain you can use wildcard characters: *@phisher.com will block all mail from that domain.

You can add senders to a spam/junk list in any email client.

Finally, delete the email. Usually, this only sends it to the Recycle Bin or Deleted Items folder, so remove it from there as well. There’s no need to keep it after you report it.

You don’t need to run a virus scan or clear your browser history just because you received a phishing email. However, you should always be running an anti-virus program (Like McAfee or MalwareBytes), but it doesn’t hurt to scan your computer and mailbox from time to time.

If you run an anti-virus program that is updated regularly, then it should catch anything malicious before it runs. Of course, if you don’t click a link or open an attachment in the email, then it is highly unlikely that anything malicious has been deposited on your computer.

Phishing emails are annoyingly frequent, like flies on a cow pat. In most cases, if you are careful and diligent, your spam or junk e-mail filters will catch most of them, and you never see them. Sometimes, they don’t even get that far because the university’s mail servers will block them.

To defeat the few that do get through, just be careful and don’t click any links or attachments unless you’re sure they’re safe.
Millions of phishing emails are sent every day, but don’t worry – you’re not being singled out as the phishers only target. Just follow the simple steps I have covered above, and then carry on with your day.