What is a Phish

Phishing is the name given to the practice of sending emails at random, purporting to come from a genuine organisation. This sort of email attempts to trick the recipient into entering confidential information, such as credit card or bank details, usernames and passwords. The links contained within the message are false, and often re-direct the user to a fake web site. You may have noticed the below Phishing poster on a noticeboard near you (click to enlarge).

If you believe you have received a phishing email you can contact the IT Service Desk on ext. 11111 to request advice on what to do – this is especially important if you have clicked on any of the links in the email or disclosed any information such as your login details or other personal/account information.

Alternatively if you are confident that an email is a phish or spam and don’t require advice, you may wish to forward a copy of the phishing email to as this will help them identify when phishing attacks are affecting lots of staff/students and inform any advice which may be issued.


  • Follow this link to the Cardiff University Phishing Exercise which ran between June 13th and July 8th 2014.
  • Test your ability to spot a phish here.


There is another way online criminals can try to scam you and this is called vishing – you can read what this is and how to protect yourself here.