Phishing and scam email guidance

Please contact IT Support immediately if you think that you may have typed your username and password into a fake login page, or if you notice anything suspicious with your device, account or school systems.

CET uses multifactor authentication (MFA) to help protect staff accounts from phishing and other hacking attempts. In addition to reading our phishing and scam email guidance below, please ensure that you have MFA set up on your account by following the guidance here.

We often get unwanted messages called “spam”, and malicious messages trying to trick us into revealing our login details or other personal information, called “phishing”. Follow the guidance below when using email to help you avoid falling foul of a phishing or scam email.

  • If you are asked to do something urgently, often out of the blue, that involves paying for or buying something, or updating payment/bank details, always take time to review and confirm the request using another means of contact, such as a verified phone number.
  • Double check the sender’s email address – are there any spelling mistakes? If it has been sent from a colleague, is it from their school email address? When you reply to the message, is the email address correct, or is it now coming up with a different email address?
  • Do not click on links or open attachments from unfamiliar sources.
  • Do not readily click on links in emails. Hover over a link with your mouse pointer before clicking to check the address it goes to; if the address looks unfamiliar or has spelling mistakes, do not click on it.
  • Be vigilant with any links or attachments received, even from colleagues/known contacts – are you expecting to receive the email from them? Have they sent it to you in this way before?
  • Be extremely careful if you have clicked on a link and it then asks you to type in your email address and/or password. Check the website address: addresses with non-standard domain names such as .host, .io or .site are very likely to be fake login pages. The fake login page may even contain the school logo.
  • Check with IT Support if unsure.
  • If you believe that you have typed your credentials into a fake login page, contact IT Support immediately.

The banner below will be displayed on external emails that you receive as a reminder not to reply, click links or open attachments from unfamiliar sources. If you see this banner on an email received from a colleague, please be aware that someone may be trying to impersonate them.

Emails from people you haven’t frequently communicated with will be marked with the banner below. These emails should be treated with caution, especially if you receive this message from an internal or external contact you have had regular interactions with before.

Example phishing and scam emails

Example “CEO Fraud” email: an email sent by a fraudster trying to impersonate a Principal/Headteacher or other senior staff. Never reply; if you are unsure whether it’s real or fake, call them via a verified known number. If it is a fake email, inform IT Support so they can block any further emails and check who else may have received it.

Example fake invoice email: the PDF attachment is actually an image that links to a fake login page. Hover over the link to check the website address.

Example bogus Office 365 emails with links that would take you to a fake login page to steal your login details. Double check the sender address and hover over the links to check the website address.

Example fake login pages

If you think that you may have typed your username and password into a fake login page, contact IT Support immediately.

[Screenshot: fake login page hosted on a .site address, showing a “Sign in to continue” prompt with a password field]

Updated on 11th October 2024
