Information Security Alert: Phishing email

Many of our staff members have reported a phishing email making the rounds today, purporting to be from the University Chancellor, Jack McConnell.

The email contains a PDF attachment titled “University of Stirling” and invites staff to review the contents. This email is NOT genuine. It is a phishing email designed to steal your username and password.

It is very important to remain vigilant. Do not click on links or attachments in emails, unless you are 100% certain of the authenticity of the email. You can always forward any suspicious emails to the Information Centre for investigation.

We have labelled the email below to help you spot the tell-tale signs of this particular phishing attack:

The PDF attached to this email contains a link which presents you with a fake login page asking for your username and password. It was designed in this way to steal university credentials.

Although this email uses some more sophisticated tactics, it is always good practice to follow the below advice:

  • Be wary of emails that have an urgent tone or call you to action (open a link, review a document, confirm your details, etc). Scammers want to rush or trick you into making a mistake.  
  • Phishing emails can originate from university accounts that have been compromised. It does not mean that they are genuine. Always question the authenticity of any emails from an unexpected source.
  • Always check the details of the email. Scams are often easy to spot because of incorrect information, bad spelling or bad grammar.
  • Always remember that Information Services will never ask you for your username and password via email or by clicking on a link.

If you are concerned that you have clicked on any suspicious links or attachments, change your password immediately using the “change password” link in the Portal.

You can view more information about how to spot phishing emails on our IS News Blog.

If you have any questions, please contact the Information Centre on