You will be aware that ‘phishing fraud’ is a common method of hackers trying to obtain and misuse personal details, including passwords.
It has come to our attention that staff at other universities have been targeted with convincing fraudulent emails (phishing) pretending to be from their university payroll team.
Emails are branded to look like they come from the respective university and ask that staff go to their HR portal login screen via a link in the email. One example email suggested a staff member was due for a pay change and needed to access the relevant documents at the end of a link. The link is of course fraudulent, and is designed to capture the individual’s login and password details. The acquired staff login is then used to change their bank details to a fraudulent account.
We have no evidence that this issue has occurred at SHU and steps are in place to identify and prevent these e-mails reaching staff.
However, as this is an active fraud that is currently targeting UK University staff, we wanted to make you aware of it. If you have any concerns about any e-mails received, or if you have clicked on a suspicious link or opened an attachment, please contact IT Help.
Further information and guidance on this type of fraud is available in the article ‘Phishing- What you need to know’ produced by DTS.