IT services status

Find out the current status of IT services at the University of Bath

Tagged: phishing

Phishing Email titled: IT HELP DESK

  

📥  Phishing, Scams, Security

We are getting reports of a phishing email being sent to students and staff.

This is fake. Please ignore and delete this email. Please do not click any links or send any personal information.

If you are concerned about an email you are sent, you can forward it to: phishing@bath.ac.uk and the team will advise.

Example of the email:

subject: IT HELP DESK

Due to recent upgrades on our servers.  Your 5 (Five) incoming Emails are on hold. Please validate below to retrieve your email

Click here to retrieve and update your email account.

We are sorry for the inconvenience.

IT HELP DESK

 

Students: Phishing email requesting you to update your student loan details

  , ,

📥  Phishing

The sumer term might be at an end but phishing scams are still happening.

We have been made aware of a phishing scam targeting students by requesting that they update their  personal information  in order to get their next student loan payment, this is a fake email. Please do not click on any links or enter any personal information.

Please note:

  • If you have given your bank account details or other financial information to an email of this type, Contact your bank immediately
  • If you are on campus, visit the IT Service Desk, on level 2 of the Library for advice. Alternatively, contact them via the help form
  • You will never be asked for your personal information, such as your bank details or password, via email.
  • If you are worried about an email, please forward the email to phishing@bath.ac.uk and our security team will advise you.

Futher information about phishing attacks and what to do, can be viewed on our website.

Many thanks

IT Literacy.

 

Fake email about Webmail

  , ,

📥  Phishing, Scams, Security

We have been alerted to an email that has been sent to some users within the University entitled "Account Lock Notice" which states that your webmail account has been locked due to too many login attempts. The links in this email take you to a site that asks for your login details.

This email has not come from us so please don't click on any of these links. If you are concerned about an email you have received you can always email phishing@bath.ac.uk and the security team will verify this for you. We have reported the fake site to Google Safe Browsing.

Read our advice on dealing with phishing emails.

 

Password Change Request

  , , ,

📥  Phishing, Security

Recently a number of members of the University community received a phishing email which requested personal details as well as their University user name and password, leaving those who responded exposed to identity theft. As a precautionary measure Computing Services have contacted those affected and requested the password on their University computer account is changed.

Please check your University / Personal email and if you have received this email please follow the guidance within to change your password.

Accounts which have not had their passwords changed by 31st May 2016 will automatically have their passwords scrambled.

If you have any queries or experience difficulty changing your password please visit the Computing Services Service Desk on Level 2 of the library.

Please note when you change your password you will need to update any devices you have set to autmatically download email or connect to Eduroam.

Top Tips for Internet Security

  1. The University will not ask you for your bank account details in an email.
  2. Don’t click through from links contained in an email, ensure you copy and paste the link into your web browser
  3. The University will only ask you to enter your user name, password and personal information into secure web pages hosted on the .bath.ac.uk domain
  4. Does the From: addresses match the organisation represented, e.g. appear to be from another university but claim to be the University of Bath
  5. When you hover over a link does it match the displayed organisation

Further information and guidance can be found on our malicious emails web page.

 

Stay safe new phishing email to be aware of

  ,

📥  Phishing

There is a new phishing email to look out for. The good news is, we've managed to catch it early. Please don't click on any of the links and if you are concerned you can always email phishing@bath.ac.uk and the security team will verify an email for you. You can read our phishing email advice here.

example:

Subject - Dear Mailbox user

YOUR PASSWORD EXPIRES IN 24 HOURS.

YOUR ARE REQUIRED TO CHANGE ACCOUNT PASSWORD IMMEDIATELY TO UPDATE ACCOUNT/PROFILE OR ACCOUNT WILL BE DISABLED.

 

Please Go to:> Phishing link>  on your browser to Update your password immediately.

 

Call the Support Centre-HELP for information about any OWA Gateway service

 

Staff Incident Report No: 890028371

Case ID: 67MDC-7911

Group: Faculty/Staff

Admin Key: XXX06273

 

ISSUED BY ADMIN SUPPORT CENTRE\OWA GATEWAY.

end of email

This is a fake email. Please remember never to click on any links or enter your personal information. We will never ask for your password via email.

 

 

Please be aware of further phishing attacks

  ,

📥  Phishing, Security

Following on from the 'grant offer' phishing attack we reported earlier this week, we have received reports of another attempt this time targeting the old webmail sign on page and verifying credentials. Please be aware that all staff and students should now have migrated to Exchange and so please do not enter your password or click any links.

 Below is an example of the phishing email:

Subject: Beware EMail security Alert!

Dear User,

There has been an automatic security update on our Bath University Administrative Server system, Please use the direct link below to validate your WebMail account.

CLICK HERE: [LINK to phishing page]

 

Copyright © 2016 University of Bath. All rights reserved IT Support &  Web Desk Computing Services (this is a fake phishing link).

 

What if I have submitted the form?
You must reset your password immediately if you are unsure of how to do this or you are unable to access the tool please visit the IT Service Desk on Level 2 of the Library for assistance.

You can also read the University of Bath phishing information, which gives further advice. You can also forward phishing or emails you suspect are phishing  emails to: abuse@bath.ac.uk

 

 

Students - beware of 'Grant' phishing emails

  , , ,

📥  Phishing, Scams, Security

Students have recently received phishing emails purporting to be from the University Finance Office. You should not click on the link within these emails.

Some of our students have reported they have received false emails pretending to be from the University Finance Office, advising them they are entitled to receive a financial grant. We have also had reports that some students who entered bank details and personal information have had money taken from their bank accounts.

  • If you have provided any financial (bank details or credit card details for example) or personal information in response to this email please contact your bank or card provider immediately to advise them that you have been the victim of a fraudulent email scam to obtain your financial details. They can take steps to protect you and your financial information. Do not wait to contact us before doing this.

Please  change the password on any accounts that you have signed up for using the email address that this phishing email was sent to.

These emails are fake and can be spotted as they have not been sent from a University of Bath email address.

The emails contain the following message:

Dear University Member,

Following the meeting by the university with the Government with regards to support for student  and staff research purposes, we are pleased to let you know that Study-Support fund has been awarded to the university by the government.

You qualify to receive the support/grant. To ensure that you receive your grant promptly, you are required to submit your details via the web link below.

Grant Information link

Please click on the link above or copy and paste it into your browser to submit your details.

You will be contacted via your registered address with the university on grant has been successfully processed.

Regards,

Finance Department

University of Bath

You should not click on the link inside the message as this leads to an insecure website asking you to supply personal and banking information which could be used to carry out identity and financial theft.

What if I have submitted the form?

You must reset your password immediately if you are unsure of how to do this or you are unable to access the tool please visit the IT Service Desk on Level 2 of the Library for assistance.

You can also read the University of Bath phishing information, which gives further advice.

 

Beware of HMRC phishing emails

  , , ,

📥  Scams

It's that time of year again, yes it's the end of the tax year and the new tax year has now started. It's also the time that fake phishing emails claiming to be from HMRC will be doing the rounds. So, is that email claiming you've been given a massive tax refund for real?

Emails from HMRC will never:

  •   Notify you of a tax rebate
  •   Offer you a repayment
  •   Ask you to disclose personal information such as your full address, postcode, Unique Taxpayer Reference or details of your bank account
  •    Give a non HMRC personal email address to send a response to
  •    Ask for financial information such as specific figures or tax computations, unless you’ve given us prior consent and you have formally accepted the risks
  • Have attachments, unless you have given prior consent and you have formally accepted the risks
  • Provide a link to a secure log-in page or a form asking for information - instead we will ask you to log on to your online account to check for information.

What you can do about it:

If you receive an email you believe to be offering a tax refund you can send it to phishing@hmrc.gsi.gov.uk and then delete it permanently.

HMRC advises customers who receive such an email to check the advice and view where examples of these fake emails.

If you have answered an email and given your personal information:

People should not click on websites or links contained in suspicious emails or open attachments. Anyone who has answered one of these emails should forward the email and disclosed details to security.custcon@hmrc.gsi.gov.uk

 

You can also read the University of Bath phishing information, which gives further advice.

 

 

 

 

Phishing attempt - change password

  ,

📥  Phishing

We have been made aware of a phishing email claiming to be from Weebly. This is fake please do not enter your details. If you have already entered your details find out what to do next.

Below is an example of the email:

subject: attn

Important Announcement to all Staff

 

CHANGE E-MAIL PASSWORD IMMEDIATELY OR PASSWORD WILL BE DISABLED IN 30MINS

 

Click here: Staff-Online <url>

 

 

Phishing attempt - Unrecognized Device tried to log on

  , ,

📥  Phishing

Please be aware that we have had reports of a phishing email being sent to several staff and student accounts. This is FAKE. Please do not reply or send your details. If you have sent your details find out what to do next.

Below is an example of the email:

Subject: Unrecognized device tried to log on.

Someone recently tried to lοg on to your οnline accοunt from an unrecognized device.

To change your memοrable infοrmation, cΙick Lοg on to Internet Βanking <url>  then you wilΙ be prοmpted to change it.