Phishing - What is it and how to avoid it!

Phishing is a form of online fraud. In a typical phishing incident, you may receive an email or pop-up message that claims to be from IT Services or another business or organisation that you may have previously dealt with. The message may ask you to ‘update,’ ‘validate,’ or ‘confirm’ your account information.

Trinity staff and students should treat any email that asks for your username and password details with extreme caution. The consequences of falling victim to a phishing attempt are not limited to your own account, but could affect the Trinity community as a whole. One compromised account could potentially endanger vast amounts of sensitive data. Or, one compromised account distributing large amounts of spam could result in Trinity losing email as a service entirely for a period of time.

IT Services will never ask for your username and password in any email we send. You can confirm the validity of any communications from us by searching our website or by contacting the IT Service Desk.

What to do if you’ve received a phishing email

If you have received a phishing email, you can report it to the IT Services desk by following the instructions on the following page:

How to report a phishing email

If you have replied to a phishing email or clicked on any links within the email body and entered your Trinity computer account username and password please immediately:

  1. Change your password
  2. Report the incident to the IT Service Desk

Protect yourself from getting phished

It is easy to be alarmed by a phishing email, they are designed to convey a sense of urgency to get us to act without question. They may appear to come from a legitimate business that you have previously dealt with or a colleague.

Check out the below links which will help you learn how to identify phishing emails:

Simulated phishing exercises conducted by IT Services

From time to time, IT Services will conduct simulated phishing exercises on our users. 

As Trinity is a prime target for cyber criminals, these simulated phishing exercises are designed to get an overview of how vulnerable the University currently is to phishing attacks. 

This data helps us to then educate our user base on how to avoid falling victim to a phishing attack.