While most spam emails only make one feels irritating, some may in fact be dangerous. When email is used to deliver malware and trick a recipient into taking action and execute a malicious payload – we call it phishing. If the attack is personalized and targeted – that is spear phishing. Both are dangerous.
Like many renowned universities in the world, The University of Hong Kong is a target of spear phishing. A typically spear phishing email works like this: an email, which appears to be coming from a legitimate source, informs the recipient that his/her email account has certain problem, such as exceeding the mailbox storage quota, and urge the recipient to respond by returning email or clicking a link in the email, to provide his/her account/password or other personal information.
In case you receive an email from an unknown source, which you are not certain if it is a legitimate email or a phishing email, DO NOT reply to it or click any links in it. Simply delete the email or forward it to firstname.lastname@example.org or email@example.com for advice.
You should always keep the security measures in your computer up-to-date with the latest security patches, and the latest virus signature for detecting malware. We update the information in ITS Spam Reports from time to time; and you are strongly recommended to check against these reports in case you receive a suspicious email next time.
Information Security Team
Tel: 3917 5952