Suggested IT Security Resources

What to do if you receive a phishing email?

If you receive a phishing email that contains a QR code, a link or an attachment, you should take the following steps to protect yourself and your data.

How to report Phishing

Report the Email: Report the email as a phishing email from within outlook This helps improve email security for other users and may also help in tracking down the attackers.

Quishing

 

If you have received a “Quishing” email and have scanned the QR code and provided sensitive information, such as your TU Dublin username and password, change your password immediately here and contact the IT service desk (itsupport@tudublin.ie) where they can check for any suspicious activity on your account.

In a quishing attack, cybercriminals create QR codes that appear to link to legitimate websites or services but actually redirect users to malicious websites or phishing pages. These malicious websites are designed to steal personal information, such as login credentials, credit card details, or other sensitive data, by imitating trusted websites or services.

Do Not Click on Any Links or Scan QR Codes: The first and most crucial step is to avoid clicking on any links or scanning QR codes in the email, especially if the email is from an unknown or suspicious

Do Not Download Attachments: If the email contains attachments from an unknown or unexpected source, do not download or open them. Malicious attachments can contain malware that can infect your device.

Check the Sender's Details: Examine the sender's email address and the content of the email carefully. Look for signs of suspicious or unusual behaviour, such as spelling errors, generic greetings, or requests for sensitive information. 

Verify the Source: If the email claims to be from a reputable organization or service, independently verify the information. Do not rely solely on the email's content or links. Visit the official website or contact the organization directly through trusted contact information to confirm the legitimacy of the email.