Advice and Guidance

What is phishing and how to keep you, your data and your devices safe from cyber-crime.

CSW Advice and guidance stickers

Subscribe to Status Hub today! Customise your email alerts, so you only receive status updates of IT systems you're interested in

More information on how to ensure your data and devices are protected from common cyber security attacks and threats, can be found via the Information Security Toolkit.

Check out our cyber videos (shorts) for interactive guidance.

Cybercriminals will often use fraudulent communications as a means to trick unsuspecting users into sending them their confidential data.

Examples of fraudulent communications seen by the university include the following:

Phishing identity


Phishing is a form of fraud that includes malicious emails designed to gain personal information and may appear to come from a genuine source. Emails often include links to bogus websites or attachments, which appear to be normal files (e.g. Word, Excel or PDF) and are harmful.

How to spot Phishing?

IT Services have technical controls in place to filter out spam before it reaches your inbox, but phishing techniques change and some will inevitably 'get through'. 

  • Check who sent you the email, being particularly suspicious of emails asking for personal or financial information.
  • Do check the quality of emails.  Misspelling, poor punctuation and bad grammar are tell-tale signs of phishing.
  • IT Services will never send you an email asking you to confirm your username.
  • Never respond to any email which asks for your account details or requests you make a payment.

Identifying phishing can be harder than you think. Can you tell what's fake?

Take the quiz

Examples of Phishing

Here are some examples to help you to identify a phishing attack:

1. Blue button phishing Email


Blue button phishing email. From: a valid UWE or other contact address. To: your email address. Subject: Re: Invitation to take part in a research project - online survey. Warning message: If there are problems with how this message is displayed, click here to view it in a web browser.


Signs that it is a phishing attack:



Blue Button Explained: The sender will be someone you've had contact with previously; The subject may relate to something you have been working on; The body text will contact a blue/green button; Hovering over the link reveals a suspicious unknown web address; No UWE specific user information, such as contact details or signature.

2. Fake warning from IT

Fake warning from IT Explained. Non-existent sender address. No personal greeting. Request to revalidate or confirm account details. No UWE specific information such as ITS contact details. Hovering over the link reveals a suspicious unknown web address (

Signs that it is a phishing attack:

Phishing Email 1 Explained. Non-existent sender address, this email address does not appear in the Outlook address list. No personal greeting. Request to revalidate or confirm account details. No UWE specific information, such as ITS contact details or signature. Hovering over the link reveals a suspicious unknown web address (

3. Email containing infected document

Email containing infected document. From: "Clare Harding" []. To: Subject: FW: Purchase Order 0000035394 customer 09221. Attachment: Purchase Order 0000035394.docx. Body text: Dear customer, Please find attached a copy of our order (reference 0000035394), your reference. If you have any questions regarding the purchase order please contact us using the details below. Clare Harding, Purchasing Manager, Casters Packaging Ltd, Packaging House, Wilson Way, Pool, Redruth, Cornwall, TR15 3RT. Fax: +44 (0) 1209 315 600.,

Signs that it is a phishing attack:

Email containing infected document explained. Sender is a real company. An internet search revels that they were the victim of a cyber attack that took control of their email systems. Malware can spread through infected office documents. Non-specific greetings. References to unknown financial transaction involving unfamiliar companies.

4. Document emailed from government organisation

Document emailed from government organisation. To: Subject: Your Online Submission for Reference 475/RA2949502 Could not process. Attachment: { Contains: GB3370106.pdf.scr}. Body text: WE could not process your Full Payment Submission. The submission for reference 475/RA2949502 was successfully received and was not processed. Check attached copy for more information. This is an automatically generated email. Please do not reply as the email address is not monitored for received mail.

Signs that it is a phishing attack:

Document emailed from government organisation explained. Email supposedly from government address to a work account. Poor grammar. File disguised as pdf but is actually an executable program. No personalised greeting and unprofessional structure. Reference to unknown financial transaction.

5. Document emailed from UWE staff account

Document emailed from UWE staff account. From: To: Subject: Your documen. Attachment: { Contains: document7912.exe }. Body text: To view your document, please open attachment.

Signs that it is a phishing attack:

Document emailed from UWE staff account explained. Poor grammar. File name as a document but is actually an executable program. No personalised greeting or explanation of attachment. No UWE specific user information, such as contact details or signature.

Vishing icon


Vishing’ or ‘Voice Phishing’ is a type of fraudulent activity where criminals attempt to persuade victims to hand over personal details or transfer money over the phone.

Never give personal information (e.g. passwords, banking details, credit cards details) over the phone to someone who has called you.

If you do receive such a call or you are in any doubt about the authenticity of the call, simply hang up. You can always phone the organisation back using a number from a verified source.

How to spot Vishing?

Information: The criminals might not be very convincing and may know nothing about you. Alternatively, they could already have some information on you such as your name, address or phone number, but needing a little bit more. This can create the impression that they seem very genuine.

Urgency: If you receive a call you will inevitably find that you will be hurried into providing them with the information that they need. They will do this in order to panic individuals in the hope you hand over your information without being able to think it through too much. Fear often leads people into acting without thinking.

Phone Spoofing: This is when a phone number appears to be coming from a genuine source (e.g. your bank or credit card company). This is a technique used by cybercriminals to hide their identity.

Remember, if you are in any doubt simply hang up and contact the organisation using a number from a verified source.

Smishing icon


SMiShing’ or ‘SMS Phishing’ is where text messages are sent trying to encourage people to pay money out or click on suspicious links. Sometimes attackers will try to get victims on the phone by sending a text message asking them to call a specific number, in order to persuade them further.

How to spot SMiShing?

Unsolicited text messages from unknown numbers should raise alarm bells. If you are in any doubt:

  • delete the message
  • contact the organisation using details from an alternative verified source (e.g. company website)

Who should I contact if I'm not sure?

Password icon


A unique and strong password reduces the risk of data breaches and protects you from many threats such as identity theft. One of the most common ways that hackers break into computers is by guessing passwords.

The University will never email or call you to confirm your password.


  • Change your password immediately, using Password Manager:
    • if you suspect a data breach.
    • if you suspect it has been compromised.
    • when you first receive it.
  • Make passwords difficult to guess: 
    • Keep your passwords unique.
    • Use a passphrase (see below for more information on how to create passphrases).
    • Mix upper and lower case letters, along with numbers and special characters (e.g. %^!#).
    • Use a minimum of eight characters - more is better.


  • Share passwords with anyone.
  • Write passwords on a note or store them where they can be accessed by others.
  • Make passwords using personal information, such as your name or family names.
  • Just capitalise the first character or only add a number to the end; this is well known to hackers and they test for it.

Need help remembering?

Adopt a passphrase

Passphrases can be more secure and easier to remember, because they are based on memorable words only you know.

Explore using two words separated by a number or a punctuation character, such as Pr0%F0otb@ll or F@5t#F00d.

You can use a combination of insert and replace, for example: clockwork could be (l0(kwoRkS.

Please note: The passwords above are examples and must not be used as your password.

Use a password manager

It can be difficult to remember many strong and unique passwords and this is where a credentials (username and password) manager can help. You only need to remember one strong master passphrase that protects all of your credentials in a secure vault. Many will provide useful features that make your online life easier while being more secure, such as automatically entering your credentials and generating new strong passwords for you.

The University does not support a single product, however, there are several free and paid-for tools such as KeePass, LastPass, and 1Password.

Caution: If you choose to download a password manager and forget the master password, IT Services will not be able to restore it.

Who should I contact if I'm not sure?


Cyber Essentials Badge





UWE Bristol is a Cyber Essentials certified organisation.

Back to top