Phishing

by Jonathan Ashton.

The Higher Education sector is a lucrative hunting ground for fraudsters, who use phishing tactics to steal usernames and passwords, unlocking systems and gaining access to the University’s and the user’s own data.

Earlier this year, Lancaster University reported a breach that involved the loss of a significant amount of student personal data that can be monetised or used for further fraud against those students affected.

Fraudsters have been reported to:

  • target students with false invoices, demanding direct payment to the fraudsters
  • launch phishing campaigns against students, staff, and other universities
  • redirect salary and expense payments from staff members to their own accounts

For Hallam, attacks have increased in severity over the last few months and we’ve seen increasingly sophisticated phishing campaigns since early 2019. These attacks are often successful because they direct users to sophisticated log-in portals that look like our own Office 365.

DTS monitors these attempts and aims to intervene as early as possible to reduce the opportunity that fraudsters have. The new email ‘caution’ banner (usually in yellow) at the top of all external mail is one of several measures put in place to highlight the risks in online activity. DTS also supplies a CyberAware online training module, which aims to help staff identify risks and learn how to combat them. We encourage all staff to complete this for their own safety and that of the University.

Ultimately, it’s down to individual users to be wary of unexpected emails that ask them to open documents or log in to a website. Please remember to:

  • Check the sender (the new external email caution banner should help to identify external senders; treat these more cautiously).
  • Check the address of any email links (always hover the mouse over them before clicking – this can sometimes be a giveaway).
  • Check the website address if you have clicked a link (don’t just assume it’s a University website because it uses our branding – fraudsters are good at copying).
  • Stop and think before logging in. If anything at all feels ‘off’, don’t go any further; contact IT Help before proceeding.

If you find something suspicious, or think you might have already been compromised, contact IT Help on 0114 225 3333 immediately.