Broadcast: News items

Don’t fall for this clever phishing campaign

Please watch out for clever phishing emails today. 

Phishing emails are messages which are sent to try and obtain personal or financial information from you, or to try and trick you into making payments to fraudulent bank accounts. IT Services do what we can to prevent spam emails being received, but it is not possible to prevent them all getting through to your inbox.

The latest round of phishing emails will generally contain red or green buttons, which lead to a fake Sussex login page. If you enter your login details on this page, they will be used by cyber criminals to access your account.

The subject line of these emails may contain your name, an area of your work, a message about your studies or it might mention a photo submitted to the website.

You can spot phishing emails by:

  1. Checking the sender’s email address. A name can easily be spoofed, but look for a genuine @sussex.ac.uk email address. Sometimes Sussex accounts can be compromised when somebody gives away their password to a phishing attack, so this isn’t 100% effective.

  2. Hovering over links in emails before you click on them. You can find advice about spotting a fake link on the ITS security page.

  3. Looking out for a sense of urgency. Phishing messages will often encourage you to click on links before you think about them.

ITS are taking steps to block the URLs and they expect to roll out improved email filtering soon.

You can find a lot more advice about spotting phishing emails and staying safe online on the ITS website.

If you’re ever concerned that you might have given away your login details, please change your password immediately.


By: Alexander Butler
Last updated: Tuesday, 12 March 2019

Share: