IT services status

Find out the current status of IT services at the University of Bath

Topic: Scams

Phishing Email titled: IT HELP DESK


📥  Phishing, Scams, Security

We are getting reports of a phishing email being sent to students and staff.

This is fake. Please ignore and delete this email. Please do not click any links or send any personal information.

If you are concerned about an email you are sent, you can forward it to: and the team will advise.

Example of the email:

subject: IT HELP DESK

Due to recent upgrades on our servers.  Your 5 (Five) incoming Emails are on hold. Please validate below to retrieve your email

Click here to retrieve and update your email account.

We are sorry for the inconvenience.



Fake email about Webmail

  , ,

📥  Phishing, Scams, Security

We have been alerted to an email that has been sent to some users within the University entitled "Account Lock Notice" which states that your webmail account has been locked due to too many login attempts. The links in this email take you to a site that asks for your login details.

This email has not come from us so please don't click on any of these links. If you are concerned about an email you have received you can always email and the security team will verify this for you. We have reported the fake site to Google Safe Browsing.

Read our advice on dealing with phishing emails.


Students - beware of 'Grant' phishing emails

  , , ,

📥  Phishing, Scams, Security

Students have recently received phishing emails purporting to be from the University Finance Office. You should not click on the link within these emails.

Some of our students have reported they have received false emails pretending to be from the University Finance Office, advising them they are entitled to receive a financial grant. We have also had reports that some students who entered bank details and personal information have had money taken from their bank accounts.

  • If you have provided any financial (bank details or credit card details for example) or personal information in response to this email please contact your bank or card provider immediately to advise them that you have been the victim of a fraudulent email scam to obtain your financial details. They can take steps to protect you and your financial information. Do not wait to contact us before doing this.

Please  change the password on any accounts that you have signed up for using the email address that this phishing email was sent to.

These emails are fake and can be spotted as they have not been sent from a University of Bath email address.

The emails contain the following message:

Dear University Member,

Following the meeting by the university with the Government with regards to support for student  and staff research purposes, we are pleased to let you know that Study-Support fund has been awarded to the university by the government.

You qualify to receive the support/grant. To ensure that you receive your grant promptly, you are required to submit your details via the web link below.

Grant Information link

Please click on the link above or copy and paste it into your browser to submit your details.

You will be contacted via your registered address with the university on grant has been successfully processed.


Finance Department

University of Bath

You should not click on the link inside the message as this leads to an insecure website asking you to supply personal and banking information which could be used to carry out identity and financial theft.

What if I have submitted the form?

You must reset your password immediately if you are unsure of how to do this or you are unable to access the tool please visit the IT Service Desk on Level 2 of the Library for assistance.

You can also read the University of Bath phishing information, which gives further advice.


New OS X Ransomware affecting Transmission (BitTorrent client)


📥  Scams, Security

It has recently come to light that users who downloaded version 2.90 of the Transmission BitTorrent client for OS X from official website after 3.00 GMT, March 4, 2016 and before 1100 GMT, March 5, 2016, may be been infected by the "KeRanger" ransomware.

If you are running Transmission on your Mac (and yes, there are legitimate uses for torrents) then please ensure that you update to 2.92 immediately as this version is free of malware and additionally, it removes the malware caused by the previous build (2.90).

This demonstrates that although malware is less common on Macs when compared to their Windows counterparts, they are certainly not invulnerable to malicious applications and care still needs to be taken to avoid being affected by malware. Such steps can include:

  • Ensuring that OS X is kept up-to-date
  • Installing anti-virus on your Mac
  • Being careful to only download applications from trusted sources.


If you have any questions or concerns then please get in touch with the IT help team.


Beware of HMRC phishing emails

  , , ,

📥  Scams

It's that time of year again, yes it's the end of the tax year and the new tax year has now started. It's also the time that fake phishing emails claiming to be from HMRC will be doing the rounds. So, is that email claiming you've been given a massive tax refund for real?

Emails from HMRC will never:

  •   Notify you of a tax rebate
  •   Offer you a repayment
  •   Ask you to disclose personal information such as your full address, postcode, Unique Taxpayer Reference or details of your bank account
  •    Give a non HMRC personal email address to send a response to
  •    Ask for financial information such as specific figures or tax computations, unless you’ve given us prior consent and you have formally accepted the risks
  • Have attachments, unless you have given prior consent and you have formally accepted the risks
  • Provide a link to a secure log-in page or a form asking for information - instead we will ask you to log on to your online account to check for information.

What you can do about it:

If you receive an email you believe to be offering a tax refund you can send it to and then delete it permanently.

HMRC advises customers who receive such an email to check the advice and view where examples of these fake emails.

If you have answered an email and given your personal information:

People should not click on websites or links contained in suspicious emails or open attachments. Anyone who has answered one of these emails should forward the email and disclosed details to


You can also read the University of Bath phishing information, which gives further advice.





Avoid phone scams


📥  Scams

Beware of telephone support scams where someone phones you and claims to be from Microsoft or from another support company such as BT.

They can call you at home or at work.

The cybercriminals use publicly available phone directories so they might know your name and other personal information. They might offer to help you solve a computer problem or ask you to validate your software licence.

What to do when you receive an unsolicted tech support call

If you are not expecting a call from a technical support company, be wary.  Do not give out any information, instead, end the call.  Look up your own contact details for the support company you do use and give them a call if you are worried you need to take legitimate action.

Give our Service Desk a call on 01225 383434 to let us know, we can gather information on the scams and do more to stop them.

What the cybercriminals are trying to do

They may try and do a number of things.  These include taking control of your computer and getting credit card information.

Microsoft has given the following examples of reported tech support scams:

  • Trick you into installing malicious software that could capture sensitive data, such as online banking user names and passwords. They might also then charge you to remove this software.
  • Convince you to visit legitimate websites to download software that will allow them to take control of your computer remotely and adjust settings to leave your computer vulnerable.
  • Request credit card information so they can bill you for fake services.
  • Direct you to fraudulent websites and ask you to enter credit card and other personal or financial information there.