Makerere University

Enter a keyword or two into the search box above and click search..

Detecting Phishing Scams in your emails

You are here

This mail is a continuation of the last one we shared about “Why we need to change our passwords”. Whoever has access to your computer or communication service like email, could cause a lot of havoc.

Today we would like to remind us about “Phishing Scams”, these scams are on the increase and many times they catch us unaware, and our bid as DICTS is to increase on your awareness levels so that you may be equipped with information to avert many of these scams.


Phishing attacks are a type social engineering attack which are carried out to deceive users and manipulate them into doing something, such as;

  • Handing over sensitive information such as usernames, passwords, payment details, and other sensitive or personally identifiable information.
  • Tricks users into downloading malicious files such as fake invoices or macro-enabled Word documents which lead to ransomware or other forms of malware infections.
  • Leads users to technical support scams which manipulate them into calling premium rate phone lines or downloading malicious files such as banking Trojan malware.
  • If you notice your account sending many emails without you doing it, just know that’s a scam attack.


Recently one of us shared a phishing scam email and most of the times, the tone of the messages should be an indicator of what kind of person it should be.

The mail started by saying, “Hi Victim, my malware captured all your private info…., this is the address for payment, I give you 30 hours after you open my message for making the payment”. The emails could come in all sorts of forms and this is just a sample.

We encourage you not to panic but to immediately notify DICTS through and also to change your password immediately. Any link you click that you aren’t sure of could amount to it affecting other users by creating a denial of service, you find that you can’t access mail easily, it is very slow or you just can’t do any communication at all.

NB. Also watch out for Top level domain attacks, these attacks are a type of phishing attack which is performed by registering domains with similar names to companies and hosting webpages which appear to be the real service or business with the intent to trick the real customers or employees.

For example, take a look at the two domains below: and

You can’t tell the difference between the last parts .io and .jo

DICTS will in no way ask you to pay any money or ask you to click a link that isn’t in the mak domain. We therefore encourage you to be vigilant and to look out for scams, choose not to be a victim by paying attention to what comes into your email. Avoid clicking links or downloading attachments you aren’t sure of the source. And always log out of any of your accounts, do not leave them open.