Instituto Superior Técnico

Serviços de Informática

How to proceed in case of receiving a fraudulent e-mail (Phishing)?

In the event of receiving a fraudulent email message, commonly known as phishing:

  • never click on or open links contained in the message;
  • never open attachments of suspicious messages;
  • never inadvertently send personal data in response to a fraudulent message.

If it is a fraudulent email, the actions described above may exploit vulnerabilities in the email application and/or browser, which may automatically infect the user’s computer. The sender of these types of emails can normally appear to come from a legitimate person (eg within the IST infrastructure).

In this regard, it is suggested to carry out one of the following actions:

  • delete the mail. In this case, the sender of the message may re-send fraudulent emails.
  • classify the mail as SPAM. In this case, the reception of messages from the same sender will be blocked, preventing future phishing. The procedure to configure an email address as SPAM in Técnico’s webmail can be consulted in the respective tutorial.

In case of doubt, contact the IT Services Department (DSI).

DSI never sends emails to users asking for personal information or credentials.