Our Cyber Security Team is aware of an ongoing phishing campaign that is targeting University email addresses.
Phishing occurs when cybercriminals pose as legitimate institutions, usually via email, to obtain sensitive information. In the case of this campaign, emails are being sent to University addresses, appearing to be from internal accounts. Examples identified so far have included either recipients’ own email addresses, or legitimate-looking addresses like ‘[email protected]’.
To help you identify them, below is an example of one of these phishing emails:
The hyperlink found in this email will take you to a page designed to resemble the standard Microsoft 365 login page – however this site will allow the cyber-attacker to take a copy of both your email address and password, if you fill in this information.
What should I do?
Please remain vigilant of suspicious emails.
If you have received what you suspect is a phishing email and clicked on the link, please:
- Update your password as soon as possible and
- Clear all cookies/cache from your web browser
- Guide to clearing cookies/cache in Google Chrome
- Guide to clearing cookies/cache in Microsoft Edge
- Guide to clearing cookies/cache in Apple Safari
The University’s Cyber Security team is reviewing and deleting phishing emails as soon as they are identified.
If you spot any emails that look suspicious, please remember that you can report these emails to the Cyber Security team – here’s a guide to reporting phishing emails in Outlook.
