Important Message From Staff Portal

Published: Posted on

We have a huge number of reports of a phishing campaign which many people have recognised as such.  Some, however, appear to have been taken in by this.  Initial versions came from outside the University which were easy to spot as bogus.

However,  once some people had given their passwords away their accounts were then used to send the messages.  As these came from University staff members some recipients trusted them.  I would like to remind everyone that IT Services does not  pick random staff from random departments to send out messages on our behalf.

Here is an example which has been anonymised.

Example of phishing email

Clicking on the link will load the following page.

Picture of copy of portal web page

This is a copy of our staff portal page.  However, the address in the address bar at the top indicates that it is not our portal page.  IT services does not send unsolicited emails linking to pages where you have to login, so even without the incorrect address it should be clear at this point that something is wrong.


Author: Chris Bayliss

IT Security Manager.

Leave a Reply

Your email address will not be published. Required fields are marked *