Indigo

Latest Phishing Campaigns


 

Our IT Service Desk have recently seen a large number of phishing emails sent to both students and staff. Find out more:

  • (10 March) These emails were part of a ‘Blue/Green Button Phishing Campaign’, which also affected a number of other universities and companies across the UK. The email will have been sent from a legitimate and known email account which has been compromised. Often, it appears that the emails are sent from contacts who have recently been involved in email communications. The malicious spear phishing email consists of either a green or blue button which the user is encouraged to click. Underneath the button, there may be additional text which changes, although it often contains either a timestamp, the email addresses of the sender or victim, or random text. Do not click on the link - if you have clicked on the link, reset your password and contact our IT Service Desk as soon as possible.
  • (26 February) An email pretending to be from a member of staff, asking you to validate your email account. This is an attempt to steal your login details.
  • (25 February) An email claiming to be an HMRC tax refund and asking for personal information to confirm your identity. HMRC will only ever notify you of a tax refund by post or through your employer.
  • (11 December & 31 January) iTunes phishing. This is when the fraudster gathers information that is publicly accessible and then tries to create a realistic-looking message, using an email address similar to the official one and adding a signature at the end. The message is sent to colleagues of the impersonated user, claiming that the user is in a meeting, unable to use the phone and urgently needs an iTunes gift card.

The common theme in all phishing emails is that the fraudster tries to make you act quickly, before you have time to become suspicious. For example, they will often claim that you owe money, that your email account is about to expire, or that your work colleague needs urgent help.

We’ve also been seeing what are known as ‘sextortion’ emails. In these emails, a fraudster tricks users into believing that they have obtained sensitive, deeply personal and embarrassing information about them, and threatens to publish the content online unless a ransom payment is made. Worryingly, the email sometimes includes a genuine password belonging to you to prove that you have been hacked. This is, however, just a trick: the fraudster has found the password associated with your email address in one of the big data breaches you may have heard about in the news. If you are still using that password for anything, then you should change it.

Even with the most sophisticated email filtering, some of these attacks will reach users. If you think you may have revealed your security details, please contact the IT Service Desk in confidence - 01784 41 4321.