Students at the University of Bristol have been warned of a phishing email that was received by many yesterday and today.
A University of Bristol spokesperson told Epigram: 'We are aware of a phishing attack currently targeting university students. The email states "The University has awarded you a grant of £1,750 following approval by the Department of Education (DoE)" and includes a link to a web page used to collect details, including bank account information.
'The site which caused the initial problem has now been marked as malicious by Google. We’ve circulated advice to students warning them to be alert to such phishing attacks. Support and advice for anyone who has received this email can be found on our IT Services web pages.'
Earlier today, Darrell Sturley, Chief Information Officer, sent out an email to all students with the following advice:
- Do not click on any links in the scam email
- If you have clicked on a link in the email, do not supply any information on the website that may open.
- Do not open any attachments that arrive with the email.
- Do not reply to the email or contact the senders in any way.
- If you think you may have given your bank details via this or any other suspicious email, you should immediately contact your bank.
Students also reported to Epigram receiving a text message, with the sender claiming to be TSB bank. The text read: 'Your online account has been disabled due to failed login attempts'. It contained a link that supposedly allowed the receiver to 're-enable' the account.
Epigram has been informed that IT services has not at present had any reports of students receiving phishing text messages, and that there is currently no reason to assume these texts and the emails are linked or that there has been any data breach.
For background on the TSB message and phishing emails, click here.
For more information on dealing with suspicious emails that supposedly come from the University, students should visit Bristol's phishing emails advice page.
Featured Image: Epigram / Ed Southgate
Be alert for phishing emails - advice from IT Services
If an email appears to have come from a person or organisation you know of but the message is unexpected or unusual, contact them directly via another method to confirm that they sent you the email.
If you receive an email which asks you to login to an online account via a link provided in the email, instead of clicking on the link, open your browser and go directly to the company’s website yourself.
If you have clicked on a link in the email, do not supply any information on the website that may open.