Gaining access to you email is one of the most common ways for someone to monitor your schedule and communications. A person can also access private information or impersonate you for malicious ends.
Vigilance and knowledge of what to look out for will help prevent unauthorised access to your account. It will help you take swift and effective action if you suspect there has been a breach.
Basic security
If you have not already, please read the information on password security.
Always log out of your email after every time you use it.
Never save your login details to your browser.
Regularly clear your cache and cookies. If you're unsure how to do this, there are guides online.
Be aware of how much information you're sharing
Think about how much information you want to be sharing. Your email signature can give someone a lot of information about you. For example:
Jane Bloggs
Lecturer
Centre for General Studies
Office room 103 (Where you are on campus)
Lord Hope Building
141 St James Road (Your exact postal address)
Glasgow
G4 0LT
jane.bloggs@strath.ac.uk
0141 548 4444 (Your contact details)
Office hours: 1pm to 3pm Monday, 2pm to 4pm Tuesday, 1pm to 3pm Thursday (What time you'll be coming and going from your location on campus)
Facebook: @janebloggs88 (Username contains year of birth, indicating age)
Twitter: @govanhilljb (Username indicates where you live)
Save the planet! Cycle more! (This might indicate how you travel to and from campus)
University email address list
All University email addresses are listed on the Global Address List unless you request otherwise. This means other people with a University email account can look you up and find your email address. If you do not want to be listed on the Global Address List, email help@strath.ac.uk.
If you decide you want to change your email address or how your name appears on your email account, email help@strath.ac.uk.
Be vigilant
Look out for unusual activity on your account.
Regularly check your Sent Items and Deleted Items folders. Ensure everything there was put there by you.
Check your Forwarding and Rules to ensure none of your email is being redirected or copied to another account. For information on how to do this on your University email account, please see our guide on how to Check Rules and Forwarding (pdf).
Check when and where your account has been accessed. Ensure every login was made by you. For information on how to do this on your University email account, please see our guide on how to Check your email account activity (pdf).
If you have any doubts or suspicions that your University email account has been accessed by someone other than yourself, please contact help@strath.ac.uk.
How to spot suspicious or spam email
One of the easiest ways to gain access to your email account is through spam.
Sometimes this will be general spam sent by unknown people or groups. They are attempting to get any personal information they think they can use to make money.
Sometimes this will be targeted spam. This is sent by someone specifically to you, with the intention of invading your privacy and causing harm.
Knowing how to spot a spam email is the best way to avoid them accessing your information.
Look critically at any email from someone you do not know personally, or any unsolicited email. Check if they have addressed you by name, or display any knowledge of you that they could not easily have guessed. For example, an email like jane.bloggs@strath.ac.uk is likely to belong to a Jane Bloggs working or studying at the University of Strathclyde. It's easy to guess this info while having absolutely no knowledge about the person.
Check the email address. Even if an email address says it has come from Jane Bloggs or IT Helpdesk, check that the email address looks like belongs to that person or organisation. For example, if the name is IT Help Alert, but the email is 12345@gooddealz.biz, that is spam and is not a legitimate email.
If an email has come from outside the uni, it will show this warning:
CAUTION: This email originated outside the University. Check before clicking links or attachments.
Stay calm
Most spam emails will demand action on pressing, distressing or threatening matters. For example, it may say your account has been disabled, and you need to click on a link to enable it. Or it may say it has intimate images of you, and you need to click on a link to pay them or they will distribute the images. Or it may say you're in trouble with the law, and you need to click on a link to clear up this matter. Do not be tricked into reacting out of panic! Always think critically about who is telling you this information before acting.
Do not click on links in spam email. Do not open any attachments it may have. Do not download files it contains.
What to do with suspicious or spam email
If you believe the email is targeted, forward it to help@strath.ac.uk. You may be asked to provide full header information, if you're unsure how to do this please see Finding full header information in an email (pdf).
If the email is not targeted, delete it from your Inbox, then delete it from your Deleted Items folder.
If you're in any doubt about a suspicious email, forward it to help@strath.ac.uk.
What happens if someone else accesses my email account?
If you discover someone else has accessed your email account, report it immediately to help@strath.ac.uk.
If the university discovers, or even suspects, your account has been accessed by someone else, it will suspend your account. This is a security response to protect you. While your account is suspended, no one will be able to access your account.
We'll then inform you that your account has been suspended:
- if you're a student, we'll email you on the back-up email address on your student record
- if you're staff, your Departmental Computing Officer will inform you
We'll ask you to reset your password. Change your password to something you have never had before.
Once you have reset your password, let us know by contacting help@strath.ac.uk, and we'll unsuspend your account. This means we know only you have the current password to enter your account.