New phishing attack

Many University staff and students have this morning, reported receiving a phishing email with subject line “Email Validation: University of STIRLING”.

This is a screenshot of the email – below we have listed below the characteristics that can help identify it as a scam.

Issues from the top down

  1. From field – on this occasion the email was sent from a compromised student account – you need to consider context e.g. would a student usually ask you to validate your email account?
  2. To field – noreply@replymail.  This email was not addressed to you directly but to some unknown distribution list.
  3. Subject field – bad grammar is a key feature in scam emails. In this case why is ‘Stirling’ capitalised?
  4. Body of message – again there is evidence of poor grammar – capitalisation and spelling of ‘Staffs’, capitalisation of ‘Stirling’, unnecessary line break.
  5. Dodgy link – if you run your mouse over the link (without clicking it) you would see that the link leads to an extremely dodgy looking address which is clearly not linked to University of Stirling (looks like a personal Sharepoint account)
  6. Signature – the IT Service desk at the University is called the Information Centre.  We don’t have an Office of Information Technology.  Capitalisation of ‘Stirling’ repeated.

Thanks to the many staff who forwarded this email to our inbox to make us aware of the issue.  Due to your quick action, our Specialists were able to take action very quickly to first of all, block any new occurrences.  They then put in place rules to remove the offending email from university inboxes.  As this action was taken, we were not able to reply individually to most of you as the emails were removed from our inbox too J. 

Did you click the link?

Please contact us immediately if you clicked the link so that we can take action to protect your network account.  If we detect any individuals who have clicked the link, we will disable your account to prevent any illegal use of the account.  Please contact the Information Centre if you find yourself unable to log in to University systems.

You can find more information about phishing and other forms of scam on the IS web site:

Stay alert folks!  If in doubt about the validity of an email, forward it to us and we’ll check it for you.

Information Centre
Information Services

University Library University of Stirling

Tel:  +44 (0)1786 467250