LSE staff and students are regularly the target of spam and phishing emails.
Recently IMT has received reports about spam emails containing malicious word or excel attachments. These emails are carefully crafted in order to dupe you into opening the attachment, for example by pretending to come from a government authority, a delivery company or even from a spoofed LSE email address (for instance the sender address appears as HR@lse.ac.uk, reception@lse.ac.uk).
Please note: opening the attachment is likely to install trojan type malware onto your PC or Mac, which can be difficult to detect with anti-virus software. This malware can lead to files you have access to being encrypted by so-called ransomware, your user account details being compromised and abused by spammers, or even identity theft of personal or bank account information.
Some examples of typical spam email subject lines include:
- Outstanding invoice
- Tax return
- Your xxx order has been shipped
- Scan as requested
- UKMail tracking information
- Employee documents
If you’re sure something you’ve received is spam:
- Use your email client or provider’s spam settings to block the email sender (e.g. In Outlook right click the message, select ‘Junk’ and then ‘Block Sender’)
- Permanently delete the email without opening any attachment
If you’re unsure whether a message is spam or not:
- Report it to IT Service Desk – it’s better to be safe than sorry
If you have open attachments or clicked on links contained in a suspected spam email, or if you have given out your credentials through the link, please contact the IT Service/Help Desks as soon as possible:
- it.servicedesk@lse.ac.uk | 020 7107 5000 (staff and post graduate research students)
- it.helpdesk@lse.ac.uk | 020 7955 6728 (taught students)
Your account will be disabled while we check for any viruses or malware on your device. Your password and security settings will need to be updated in due course.
For more details about how to stay safe online, please see the Information Security webpages
