skip to content

Unwanted email and how to deal with it

Reporting scam or phishing emails

Please forward to including the header information (how to do this).

Reporting offensive or threatening emails

If you receive offensive/threatening email directed to you personally, see the UIS's advice on harassing email.

Not sure if it is genuine or fake?

If you receive an email and are unsure if it is genuine please forward the email asking for guidance.

Common scams and phishes

  • You receive an email apparently from someone senior in the university who "needs a favour" (and usually urgently). The favour usually involves buying gift cards for a relatives. Frequently the apparent sender is a Head of Departmernt but even the Vice Chancellor has been impersonated.
  • You receive an email apparently from IT stating that there is some issue with your computer account or email account that needs your (usually) urgent attention (otherwise your account will be locedked or deleted, etc). Here us a fairly obvious but genuine example (crsid changed):
    -------- Original Message --------
    Subject: e-mail account comfirmation
    Date: 2021-08-06 16:44
    From: <>
    To continue using your address , please confirm your ownership,
    Continue [1] 2021
  • Scams are often topical. They may refer to covid, HMRC, energy subsidies.

Dealing with spam

There is usually no point in reporting ordinary spam as it tends to be sent from a forged address making it impossible to track down. If you receive a lot of unwanted email from the same address and don't consider it worth reporting, you can delete it automatically. How to configure spam filtering.


Don't reply to spam.
Your email address may be found from (among others) usenet postings, websites, mailing lists, or simply by guessing. Never reply to spam as either this confirms to them that they have emailed an active email address or if the real sender forged the from address of the email, your reply will go to an innocent victim.
Don't follow links in spam emails.
The page they link to may be a copy of a website you use regularly, designed to trick you into entering your account details. If you think the email might be real, go to the organisation's website via your bookmarks or Google.
Don't open attachments you weren't expecting.
Viruses are frequently transmitted through email, and even if the message came from a friend, they may not realise that their computer has been infected. Save the attachment and scan it before opening it.
Don't panic about spam from Cambridge addresses or collateral spam.
Spammers almost always use fake addresses, and can forge email from any address they want. This means that you may receive spam appearing to come from a Cambridge address (even your own) or messages complaining that you sent a spam when you did not (collateral spam). Forging an email address is simple to do and does not mean that we have been hacked.
Don't forward virus warnings or chain email.
Real virus warnings will never ask you to forward them - however many hoaxes do. Viruses can also spread by emailing everyone in your address book and asking them to email everyone in their address book.