Tag: Phishing

Fake student loan emails

New or returning student? Please be cautious with your emails. Fraudsters have been targeting students across the UK with the email phishing scam pictured below:


This is not a genuine communication, as can be seen by the many errors included in the text. It is designed to trick you into giving up your personal information, which may then be used to defraud or steal your identity. Do not click on any of the links if you receive it and report it to us before deleting from your inbox.

Did you receive this and act on it?
Paul Mason, Executive Director of Repayments and Counter Fraud, said: “We will never request a student’s personal or banking details by email or text message. Anyone who receives a scam email about student finance should send it to us at phishing@slc.co.uk in addition to reporting it to Action Fraud, as this allows us to close the site down and stop students from being caught out.

More information about this phishing scam can be reached on the Action Fraud website.

 

Phishing scam: ‘Expiration Notice’

An unknown number of users have received a phishing scam message:

From: Helen Murray <userservices.supervisor@gmail.com>

Subject: Expiration Notice

The message claims that ‘your access to “My Dundee” will soon expire’. It goes on to state “You can reactivate it by logging in through the following URL” which is hyperlinked into the email.

Do NOT click on the link provided. The link is NOT to a Dundee site, but to leads to a .Dundee.ac.neze address, which is not legitimate.

Users should always change or reset passwords using proper University methods.

Best practice is to delete the email entirely. Please do not reply to the e-mail or click/copy-paste the link within it.

More information about Phishing and how to identify email scams can be found on our website.

Please contact the IT Service Desk if you have clicked on the link or pasted it into your browser’s address window, or if you need additional information or support.

Phishing scam: Attachment A2.20.23.pdf

An unknown number of users have received a phishing scam message:

From: wwwpostu@walla.com
Subject: A20
With an attachment entitled: A2.20.23.pdf

Best practice is to delete the email entirely. Please do not open or download the attachment if you have received this message to your inbox as you may be introducing a security threat to your device.

We are working to verify the legitimacy of the email. Updates will be added to this post as more information comes to light.

More information about Phishing and how to identify email scams can be found on our website.

Please contact the IT Service Desk if you have clicked on the attachment or need additional information or support.

Phishing scam: eVision password change

An unknown number of users have received a phishing scam message with the subject line “Fwd: Expiration Notice”.

The message requests that eVision users change their login details to continue to have access to the service and provides a web address to do so.

The sender is not an official University account and we are working with our engineers to block the sender to ensure it cannot issue further messages into our email system.

If you have received this message, please refrain from clicking on the link as you may be introducing a security threat to your computer.

The University would never write to students or staff in this way and if  you were ever asked to change your password you would always be pointed towards the Password Change Utility.

More information about Phishing and how to identify email scams can be found on our website.

Please contact the IT Service Desk if you have clicked on the attachment or need additional information or support.

Phishing scam alert

An unknown number of users have received a phishing scam message with the subject line “Your grant information from the University of Dundee” (click on the image below to view in full size).

spam

The sender “University of Dundee” is not an official University account and is blocked at the gateway to ensure it cannot issue further messages into our email system.

If you have received this message, please refrain from clicking on the link as you may be introducing a security threat to your computer.

More information about Phishing and how to identify email scams can be found on our website.

Please contact the IT Service Desk if you have clicked on the attachment or need additional information.

Phishing scam alert

It has come to our attention that a phishing scam message with the subject line “Important account information” has been distributed to an unknown number of UoD members.

The sender “University of Dundee” is not an official University account and is blocked at the gateway to ensure it cannot issue further messages into our email system.

If you have received this message, please refrain from clicking on the link as you may be introducing a security threat to your computer.

More information about Phishing and how to identify email scams can be found on our website.

Please contact the IT Service Desk if you have clicked on the attachment or need additional information.

Phishing scam alert

It has come to our attention that a similar phishing scam message (see below) has been distributed to an unknown number of UoD members:

phish

If you have received a similar message like the one above, please refrain from clicking on the attachment as you may be introducing a security threat to your computer.

The sender “accounts@dundee.ac.uk” is not an official University account and is blocked at the gateway to ensure it cannot issue further messages into our email system.

More information about Phishing and how to identify email scams can be found on our website.

Please contact the IT Service Desk if you have clicked on the attachment.

IT security update – be vigilant

We are always monitoring IT community message boards and mailing lists for prior warning of potentially dangerous malware attacks on our network.

We are currently aware that organisations have been targeted by malware known as CryptoLocker. Users will see a tracking notice from a shipping company such as FedEx, UPS etc. either through email or social media and as it looks from a legitimate contact, open it. They are then infected by malware which encrypts files, stops software from running and corrupts documents. If you are in doubt of the validity of an email – delete it.

Read More

Phishing emails

We have received a report that a phishing email has been sent to users in the University. This email appears to have been sent from the University and instructs users to upgrade their email by navigating to a website where they then enter their username and password.

Please be aware that Service Desk would never request your password. When you log into a service you can be certain that it is a secure site by checking the website address carefully and looking for https:// at the start of the address.

What are we doing?

In addition to alerting you to this we have adjusted our spam filter settings to block this address.

What should users do if they have been affected?

If you have received any suspicious emails please forward them to ics-servicedesk@dundee.ac.uk. If you have provided your username and password  after being prompted by an email, please change your password at the Password Management Portal. You can find a link to this on the ICS homepage – for security reasons we have not included a link in the email. You should then contact Service Desk as soon as possible.

Help & Support

If you have any questions or concerns, please contact Service Desk and quote Incident No 70187.