Home » IT Services News » IT Services News No. 174 (Apr 2015) » Threats of Phishing Emails

Threats of Phishing Emails

While most spam emails only make one feels irritating, some may in fact be dangerous.  When email is used to deliver malware and trick a recipient into taking action and execute a malicious payload – we call it phishing. If the attack is personalized and targeted – that is spear phishing.  Both are dangerous. 

Like many renowned universities in the world, The University of Hong Kong is a target of spear phishing. A typically spear phishing email works like this:  an email, which appears to be coming from a legitimate source, informs the recipient that his/her email account has certain problem, such as exceeding the mailbox storage quota, and urge the recipient to respond by returning email or clicking a link in the email, to provide his/her account/password or other personal information.

In case you receive an email from an unknown source, which you are not certain if it is a legitimate email or a phishing email, DO NOT reply to it or click any links in it.  Simply delete the email or forward it to abuse@hku.hk or ithelp@hku.hk for advice.

You should always keep the security measures in your computer up-to-date with the latest security patches, and the latest virus signature for detecting malware. We update the information in ITS Spam Reports from time to time; and you are strongly recommended to check against these reports in case you receive a suspicious email next time.


John Lam
Information Security Team
Tel: 3917 5952
Email: joncclam@hku.hk