Impersonating a colleague

The latest phishing emails are employing 'impersonation scams' to target Trinity staff. This scam often involves copying identifying elements of Trinity or one of your colleagues for fraudulent purposes. Simply put, the fraudster is pretending to be someone you know in order to gain your confidence.

How do impersonation scams work?

These particular phishing emails are designed to apply pressure to get you to act quickly 'to pay an invoice' or to trick you into giving away important information, such as your login details or financial information.

Successful attacks can lead to a wide range of unwanted consequences like financial loss, data theft, or malware infections.

Here are some tips for spotting and avoiding impersonation phishing scams

Is this email really from who it says it is from?

Fraudsters can alter the 'display name' that email appears to be sent from and you should always inspect the email address. Hover your mouse over the sender's name to see the sender's email address in more detail. Check the actual email address is from @tcd.ie and is not an external address to Trinity.

For example, you might see an email in your inbox from Louise Miller, a colleague you work with in Trinity, but when you reply or view the sender's email address you see the actual email address is office654@gmail.com. A fraudster has simply changed the display name on an external Gmail email account to appear as if the email is from your colleague @tcd.ie

Unfortunately especially when reading email on phones and tablets you may not be able to see the sender's email address clearly so we urge you not to reply or respond to any email asking for a financial action on these devices.

Is there a sense of urgency in this message?

You should be sceptical of phrases that encourage you to 'act now' or 'you must pay this invoice immediately'. Slow the conversation and give yourself time to verify the information provided. Contact your colleague with a call to verify before taking any action.

Does the web address match the link?

Pay close attention to where links in messages are sending you. Before clicking, hover your mouse over the links to see out the destination of any links in the message.

Would I normally get this type of email from this person or organisation?

Don't click, don't download, don't respond if you're at all sceptical. Call your colleague and speak to them to verify the request before taking any action.

Keeping IT secure

We have lots of helpful information on our website to help you navigate your way through keeping you, your devices, and your data safe.

Our aim is to provide support and guidance to help keep you proactive rather than reactive where IT security is concerned.

If ever you're unsure, then know that we're happy to help.