Introduction

This guide gives information on how to keep your account and the NHSmail service safe and secure from common cyber threats such as spam, junk, spoofing and phishing. A brief definition of each term is given below.

Junk – Junk email (also known as spam) involves the sending of nearly identical messages to numerous recipients.

Malware – A term used to refer to various forms of intrusive or hostile computer software, such as viruses, worms and trojan horses.

Phishing – The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers, online.

Spam – Irrelevant or unsolicited messages sent over the Internet, typically to large numbers of users, for the purposes of advertising, phishing, spreading malware, etc.

Spoofing – The creation of email messages with a forged sender address. A forged sender address uses a respected or reputable origin email address to conceal the fact that the email has come from elsewhere.

This guide provides some information on how to spot common cyber threats and how to report these threats to the NHSmail service if you receive them.

How to identify common cyber threats

If you receive an email that you suspect to be spam, or suspect may be an attempt to spoof or phish your account, it is extremely important that you report this to the NHSmail helpdesk using the instructions in the Reporting Cyber Threats section of this document. Below are some tips on how to identify common cyber threats such as spam, junk, spoofing and phishing.

•  Check for legitimate URLs – hover your mouse over any URLs that the email is trying to get you to visit to make sure that it is legitimate. You should never open any links from unknown senders.
•  Request for personal information – a common tactic of spam emails is to alert you that you must provide or update personal information, including bank account details or an account password. You will NEVER legitimately be asked to provide your NHSmail credentials to anyone.
•  Urgent emails – if an email seems too good to be true, it most likely is. Be cautious of any email offering to place money into your bank account etc. If the email uses any kind of urgency, asking you to “log in now” for example, this may also be evidence of spam.
•  Incorrect grammar/spelling – many hackers use misspelled words and bad grammar on purpose. This is a tactic used to identify an easy target that may not identify the errors and may do as the email instructs them, such as providing bank/personal details.
  • Plain text/Absence of logos – the majority of legitimate emails will be written with HTML (HyperText Markup Language) and will be a mix of text and images. If an email is all plain text and does not include images such as a company’s logo, this may be evidence of spam.
•  Suspicious attachments – if a source that does not normally send you attachments, such as your bank, sends an email with an attachment, this may be evidence of spam. You should never open attachments from unknown sources.
• Legitimate sender – if you receive an email purporting to be from an official agency or bank, the sender address should reflect this. For example, an email that claims to be from a government agency but is sent from “abc.smith@yahoo.com” is clearly not legitimate. If you are in any way suspicious of the request, you should contact the sender by phone or other established channels (not those in the email) to confirm the legitimacy of the sender and the request.
•  ‘From’/‘To’ Address – If you notice that your email address is being used as the ‘From’ address, this is a sign of a fake email message. Furthermore, you should also be cautious if the ‘To’ field shows a large number of recipients.