Iron Rule 4 | Beware of Phishing

To report a suspicious email contact the IT Service Desk.

Phishing emails are an attempt to collect your confidential information (usernames, passwords, or bank details) by sending an email pretending to be from a trusted source.

LSE is heavily targeted by phishing attempts. This is partly due to its large user base, but also because @lse.ac.uk is reputable and our email addresses are easily accessible from our website.

Some phishing signs to look out for...

  • The email urges you to click on a link that takes you to a non-LSE website.
  • Carefully check URLs of any site you are sent to. Is it LSE (.lse.ac.uk) or is it something else (lse.ac.uk.cn or ezweb123.com)?
  • Hover your mouse over the link. This will tell you the address you are being sent to, which might be different from what you are told by the link text.
  • The sender claims you need to change your username and password, but the email has not originated from LSE.
  • An urgent request for your personal information including LSE username and password.
  • The entire text is contained within an image, or a URL is embedded which looks like a trusted site, but which if you clicked on will take you to a bogus website.
  • The email wants you to download an attachment that you weren’t expecting.
  • The email uses poor English spelling and grammar, or is articulated in an unprofessional way.
Please Note: In any email we genuinely send you about password expiries, we will NEVER include a link to click on in order to change passwords

Remember if you suspect an email is not legitimate, do not reply, and do not click on any links or download any attachments. If you have any doubts, contact us! 

Advice and Actions

What to do if you have responded to a phishing attempt

If you have replied or clicked on links contained in a suspicious email, or if you have given out your credentials through the link, please contact the IT Service Desk as soon as possible: it.servicedesk@lse.ac.uk  

Your account will be disabled while we check for any viruses or malware on your device and your password and security settings will need to be updated in due course.

How to report a phishing attempt


To report a suspicious email, use the following steps:

  • Create a new email in Outlook, with ‘Phishing Attempt’ in the subject line
  • Click on ‘Attach Item’ (envelope and paperclip icon) and select the phishing email from the list
  • Send to: it.servicedesk@lse.ac.uk 

How to reduce spam

Spam often refers to junk mail or unsolicited emails.

To minimise the amounts of spam, be cautious of registering or publishing your LSE email address across various online services or social networks.

Be cautious of the phone apps you are downloading which can share with third parties some of your information, and never respond to a spam, including to ‘unsubscribe’, as this incurs more spam.

Set the email rule under your LSE account, to direct the spam or any other unwanted emails straight to the junk box. 

Protecting personal emails

To protect your personal emails, use the spam email filter.

Almost all major email services do some basic filtering before messages hit your Inbox, and provide you with options to block unwanted emails.

For more protection you can also purchase add-on spam tools for your personal machine to weed out and stop junk mail.  

Related Information