Don't take the bait...

Phishing emails are getting cleverer, more realistic and more frequent. Spam and email filters do some of the work but will never be fully effective, so it’s up to each of us to read the context of messages and look for anything suspicious. 

There are useful tips below, to help you spot a Phishing or fake email, but three key items to look out for are:

  1. Urgency. Using tight deadlines to create a sense of urgency that distracts you from the rest of the message and pressures you into acting quickly.
  2. Authority. Using the authority of the sender, such as by pretending to be a senior executive, trusted colleague or reliable company, to convince you that the message comes from a trustworthy source.
  3. Imitation. Exploiting 'normal' business communications, processes and daily habits to trick you into reacting to a message. Check who the email is addressed to, if it's 'friend' or 'valued customer', then this might be because the sender doesn't know you.

All staff and student Microsoft 365 accounts are continually monitored for suspicious activity. If an account is suspected of being compromised it is immediately disabled and the IT Service Desk will contact the owner of the account.

Remember to:

  1. Look at the email address, not just the senders nameMake sure it is a valid company address (Microsoft will never send you an email asking you to log in, from a colleague’s/teacher's email address.)
  2. Look again at the email/web address. Some false addresses look very like the real ones. 
  3. Look for grammatical mistakes, not just spelling mistakes. When crafting phishing messages, scammers will often use a spellchecker or translation machine, which provide all the right words but not necessarily in the right context or order.
  4. Hover your mouse over any links, to check they go to a valid address/destination. 
  5. Look out for a sense of urgency. If the email is rushing you into doing something, (even if from your boss or teacher), before you respond, contact the sender using a different method, to check it is from them.
  6. Follow your instincts, if it feels dodgy, it probably is!

Delete it from your email.

  1. Delete the email and change your IT account password, which you can do by pressing ‘Ctrl, Alt, Delete’ and selecting ‘Change a Password’, if on campus. If off campus, you will need to register for the self service reset at 
  2. Contact the IT Service Desk using and let them know that you have received this phishing email and that you have changed your password.
  1. If you have opened the email and provided any financial details, please contact your bank as a matter of urgency. 
  2. If you have entered any personal data at all – login details like name/email and password, change your IT account password straight away by pressing ‘Ctrl, Alt, Delete’ and selecting ‘Change a Password’, if on campus. If off campus, you will need to register for the self service reset at 
  3. Contact the IT Service Desk using and let them know that you have opened and clicked on a phishing email and that you have changed your password. 

Hackers either buy or use old email addresses which are freely available on hacking sites. 

Yes it is, however if your username and password is given away in a Phishing attack this opens the University address book to everyone who has hacked that compromised account. Each compromised account can see a number of different hackers using it.

The evidence tends to indicate that the email addresses in circulation across hacking sites are extremely old, if and when University IT accounts are found on hacking sites with a username and password these accounts are immediately disabled.

There are regular Phishing campaigns that are targetted at Universities. These include pretending to be from the tax office HMRC and the offer of a tax refund, messages pretending to be from the Student Loan Company and invitations to join your contacts on applications like Teams, WhatsApp and Microsoft Office.