Santander Phishing Email Notice

A malicious phishing email campaign targeting University staff and students was sent yesterday. The email purported to come from Santander and contained a link which, when clicked, routed to a fake Santander login page designed to harvest credentials.

Actions we have taken

With approval from the IT Security Manager and the Data Protection Office, we ran a search for the phishing email and deleted it from all recipient mailboxes.

This action was taken to protect both the University and the personal accounts of staff and students.

However, in some cases, the message existed in Inboxes for up to 35 minutes. This means there is still a risk recipients may have acted on it.

There is also the possibility that similar styles of phishing were sent which were not removed from inboxes.

What should you do?

If you have a Santander account, and you clicked the link in the phishing mail, and entered valid credentials into the login page, please check your Santander account immediately by logging in directly on the official Santander site or app.

If you have lost funds or are concerned about the Safety of your account, contact Santander immediately (via official channels).

If you clicked the link but took no further action, please reset your University account password immediately and contact the Service Desk to advise.

If you see this or a similar style of attack please report it urgently by contacting the Service Desk or forwarding to

For information on how to spot phishing visit the Information Security section of Toolkit: