Monday 12 September 2016
A new phishing campaign which has hit students of UK universities claims that the student has been awarded an educational grant.
The email (example below) purports to have come from the Finance Department of the student’s university and tricks the recipient into clicking on a link contained in the message to provide personal and banking details.
One victim reported that after submitting their sensitive information (including name, address, date of birth, contact details, telephone provider, bank account details, student ID, National Insurance Number, driving licence number and mother’s maiden name), they were taken to a spoofed website which appeared like a genuine website of their bank, where they were asked to type in their online banking login credentials.
- Do not click on any links or open attachments contained within unsolicited emails.
- Do not reply to scam emails or contact the senders in any way.
- If an email appears to have come from a person or organisation you know of but the message is unexpected or unusual, contact them directly via another method to confirm that they sent you the email.
- If you receive an email which asks you to login to an online account via a link provided in the email, instead of clicking on the link, open your browser and go directly to the company’s website yourself.
- If you have clicked on a link in the email, do not supply any information on the website that may open.
- If you think you may have compromised the safety of your bank details and/or have lost money due to fraudulent misuse of your cards, you should immediately contact your bank, and report it to Action Fraud.
If you, or anyone you know, have been affected by this fraud or any other scam, report it to Action Fraud by calling 0300 123 2040 or visiting www.actionfraud.police.uk.
This information has been provided by the City of London Police.
Cyber security awareness training
IT Services provide cyber security awareness training for staff and students. The course is designed to help you have a better appreciation of the importance of information security. The training has been created by a consortium of universities specifically to address the need for Cyber Security Awareness training in the higher education sector.
You can self-enrol for the training on QMplus:
The URL to the course: http://qmplus.qmul.ac.uk/mod/scorm/view.php?id=405017
The self-enrolment joining phrase: CyberSecurity
The course should take about an hour to complete. There is a short test at the end of the course. If you do not succeed in achieving the pass mark, the system will only retest on topics where the pass mark was not achieved.
Please email email@example.com if you cannot access the training.