Phishing attacks - be on your guard!

Phishing attacks - be on your guard!

We have received multiple reports of deliberate phishing attacks on UK Universities over the past week. We all need to be vigilant.

What’s happening?

Fraudsters are sending out a high number of phishing emails to University email addresses claiming to be from their HR department.

The email claims that you are entitled to a pay rise and invites you to click on a link to claim it.

The link takes you to a spoofed University web page asking you to enter to your personal information such as your University login and financial details.

Your financial details can then be used by fraudsters, and your login details are usually passed around and sold for future fraud campaigns.

What should you do?

As the prevalence of such messages is very high at the moment, we all need to be particularly vigilant.

If you think you’ve received a phishing email, don’t respond. Trust your instincts and just delete it.

Not sure if an email is genuine?

Don’t click on any links or open any attachments. Just clicking on a single link in a phishing email could have a catastrophic effect, causing your files, your School’s files, and College files to be damaged beyond repair.

Do read the content carefully. There are many clues which if you’re vigilant are easy to spot. See our fact sheet for guidance on how to spot a phishing scam.

Don’t rely on information provided in the email. If you think you need to act on an email, look for other ways to contact the sender directly.

If in doubt, throw it out!

Still unsure? Just delete it.

Or contact the Service Desk for advice – or

And remember

The University, your bank, or any other reputable business will NEVER ask you to reveal, update or verify sensitive information – such as password, username, and account details – by email. If you receive an email that asks for this information, delete it.