Skip to main content

"By creating we think, by living we learn" Patrick Geddes

Main University menu
 

Intranet

Templates Top-Level Menu

Spam, Phishing and Junk Mail

Spam is email you did not ask for and typically do not want. It is usually used to persuade you to buy something.

Phishing email is used to try to steal your identity. This may be done by asking you to enter details into a webpage or install software on your computer to gather personal information about you.

What you should do with spam and phishing emails

The majority of these emails are identified as spam and delivered to your Junk Mail folder. It is safe for you to ignore and delete them. If you find an email that may be spam, phishing or you regard as suspicious in your Inbox, please let us know (particularly if you've interacted with it) by sending it to us by way of the following instructions.

 

Using Outlook 
Send (do not forward)it to us as described for your operating system below:

   Windows 

  • Click on ‘New Email’
  • Enter the addresses spam@dundee.ac.uk and help4u@dundee.ac.uk in the ‘To’ field 
  • Click on ‘Attach Item’ then ’Outlook Item’ 
  • Select the suspicious email you wish to attach 
  • Click ‘OK’ 
  • Copy and paste the suspicious email subject line into the new message subject line and leave the body of the new message empty 
  • Click ‘Send’

   Apple 

  • Right click on the email in your inbox
  • Select 'Forward As Attachment'
  • Enter the addresses spam@dundee.ac.uk and help4u@dundee.ac.uk in the ‘To’ field 
  • Copy and paste the suspicious email subject line into the new message subject line and leave the body of the new message empty
  • Click ‘Send’


Using online email/webmail
Send (do not forward) it to us as described below:

  • Create a new, blank message and enter the addresses spam@dundee.ac.uk and help4u@dundee.ac.uk in the ‘To’ field 
  • Click on the ‘pop-out button’ at the top right of the new message 
  • Drag and drop the suspicious email into the body of the new message 
  • Copy and paste the suspicious email subject line into the new message subject line and leave the body of the new message empty 
  • Click ‘Send’

 

Microsoft provide a useful guide on how to recognise phishing email or links.

What we do to protect you from spam and phishing

We use Microsoft Forefront Online Protection for Exchange to detect and label spam. Emails suspected of being spam are then sent to your Outlook Junk Mail folder.

It’s not 100% accurate, so occasionally you may see spam messages in your Inbox and legitimate messages in your Junk Mail folder.

What do you do with emails I report to you?

We pass them to Microsoft who analyse the email and adjust the filters to correctly identify the message as spam. We also adjust webpage filters to block phishing links and attachments.

If the suspicious email is confirmed to be illegitimate and contains malicious content, is from a spoofed sender or designed to capture private information (e.g. login or payment details), we communicate this to the University community.

[New] Helping you make good choices with warning messages

A Sender Policy Framework (SPF) will be applied to the University’s email system from Tue 15 Aug 2017. SPF passes your received email through an automatic 'check' to:

SPF inserts a warning message into any emails that fail either/both of these checks to let you know they carry the tell-tale signs of an illegitimate message. From then on, it is up to you to make some informed decisions.

 

Will I notice anything different?

Potentially, yes. If any of the emails you receive fail the SPF check, they will be tagged with text (outlined below) in the subject line and within the email body itself as a header to highlight this to you:

  • Subject line: 'UNVERIFIED SENDER'
  • Email body: 'The University e-mail system cannot verify the authenticity of this message; treat it with caution'

Does that mean it's definitely spam?

No. The check itself is not 100% fool proof and on occasion, it may fail legitimate emails. If there are grounds for you to think this is the case, for example you were expecting an email from that person or on that subject, personally check with the sender to confirm their email is genuine before engaging with anything in it.

What is it for?

SPF is here to enhance your ability to identify malicious emails, not to replace your important and continued role in the process of doing so. Please always consider each email you receive with care and exercise the sound thinking we've shared with you on many occasions before interacting with any links, attachments or calls to action they contain, as we know you already endeavour to do.

What should I do if I receive an email with the warning message?

  • Follow the advice given above and be cautious with it until you are confident it is legitimate. If you cannot confirm this yourself, please contact IT via Help4U so we can investigate on your behalf.
  • Follow the instructions above in the event the email is suspicious and we will apply appropriate technical measures to prevent that sender entering anything into your email system again.

Why are we doing this?

Every day brings with it more headlines about accounts being hacked, ransomware attacks making their way around the world and systems being compromised. The University takes security seriously and SPF is a small factor we can introduce that will help you contribute to keeping your place of study or work as cyber safe as it can be.

 

What to do with emails incorrectly placed in the Junk Mail Folder

If you get legitimate email delivered to your Junk Mail folder and it should be in your Inbox: right click and choose Junk Mail > Not Junk. This will add the sender to your trust list.

Edit