Following our recent Information Security Alert about phishing emails, many of you have reported a new phishing campaign that is making the rounds and is targeted at our students.
The email claims to be from the “IT help desk” and asks users to validate their accounts by clicking on a link.
This email is NOT genuine and is designed to steal your username and password.
We will NEVER ask you to validate your account or confirm your details by clicking on a link.
We have labelled the email below to help you spot the signs of a phishing attack:
It is very important that you remain vigilant and that you do not click on links or attachments in emails, unless you are 100% certain of the authenticity of the email. You can always forward any suspicious emails to the Information Centre for investigation.
Thanks to the students who reported this email to us, we were able to remove the email from student inboxes and have taken further steps to reduce the impact of the scam.
You can continue to help us by following the below advice:
- Be wary of emails that have an urgent tone or call you to action (open a link, review a document, confirm your details, etc). Scammers want to rush or trick you into making a mistake.
- Phishing emails can originate from university accounts that have been compromised. It does not mean that they are genuine. Always question the authenticity of any emails from an unexpected source.
- Always check the details of the email. Scams are often easy to spot because of incorrect information, bad spelling or bad grammar.
- Always remember that Information Services will never ask you to confirm your username and password via a link.
If you are concerned that you have clicked on any suspicious links or attachments, change your password immediately using the “change password” link in the Portal.
You can view more information about how to spot phishing emails on our IS News Blog.
If you have any questions, please contact the Information Centre on infocentre@stir.ac.uk