Security Alert – green button phishing emails doing the rounds

DON’T PUSH THE BUTTON!

There is a new email scam doing the rounds. This one is targeting staff and students.

Despite appearance, this spam email is quite sophisticated in that it uses the title of a genuine email that you have replied to previously in order to trick you into believing it is authentic.

If you click this link it will take you to a BBC website but in the process collects your private user credentials. It then uses these credentials to send out more harmful emails from your account. On mobile devices the email sometimes appears with a green button saying ‘Display Message’.

Do not open this email as it could damage your work and computer and may make your private details vulnerable.

If you open the email you will either see:

> in Outlook or Office365: a blank email with one line like this – 07:14:21 31-December-2018 (Stir)

> on a mobile device: a green button with text ‘Display message’

Examples of each type are below.

Example of how this scam email would look in Outlook or Office365
Example of how this email would look on a mobile phone or if you click forward in Outlook/Office 365

If you have clicked the link in one of these emails, please immediately change your network password by using the ‘Change password’ function on your portal homepage (top left under your name).

If you are worried about having clicked one of these links, please contact the Information Centre.