A phishing campaign which was last highlighted in May, aimed at students, has reappeared yet again.
The email claims the student has been awarded an educational grant as part of a student support programme. The email purports to have come from the Finance Department of the student’s university. It tricks the recipient into clicking on a hyperlink contained in the message to provide personal details on a webpage.
Victims report that after submitting their sensitive information (including name, address, date of birth, bank account details, National Insurance Number and mother’s maiden name), they were taken to a spoofed website which appeared to be a genuine representative of their online bank, where they were directed to type in their online banking credentials.
Don’t open attachments or click on the links within any unsolicited emails you receive, and never respond to emails that ask for your personal or financial details.
An email address can be spoofed, so even if the email appears to be from a person or company you know of, but the message is unexpected or unusual, then contact the sender directly via another method to confirm that they sent you the email.
If you receive an email which asks you to login to an online account, go directly to the website yourself instead of using the link provided in the email.
If you suspect an email is a scam, do not reply to the sender. Where possible, flag the email as spam and then delete it.
Always install software updates as soon as they become available. Whether you’re updating the operating system or an app, the update will often contain fixes for critical security vulnerabilities.
If you think your bank details have been compromised and/or you have lost money due to fraudulent misuse of your cards, you should immediately contact your bank and report it to Action Fraud.