28 February 2019

Phishing emails: be alert

Users are being targeted by phishing emails that begin 'LETTER FROM THE VICE-CHANCELLOR' or have the subject ‘Microsoft account security info’. Please delete them.

The subject line of the hoax VC letter is ‘FW: [ATTENTION REQUIRED] University of Leeds Revised Business Development, Implementation, and Review of Guidelines and Goals’.

Do not open attachments or click on links in either of these emails. If you have done so, please contact the IT Service Desk immediately. Otherwise the emails can be deleted; you do not need to forward them to the IT Service Desk.

IT has now closed down the links to the sites in the emails, but remember you should always be careful when clicking on links or attachments.   

If you receive a suspected phishing email, follow these steps:

  • forward the email (as an attachment, using the keyboard shortcut Ctrl + Alt + F) to spam@leeds.ac.uk
  • delete the email; and
  • if you have clicked the link/attachment, contact the IT Service Desk on 0113 343 3333 as soon as possible. 

Clues to help you spot phishing emails include:

  • it comes from an unexpected address – always check the actual return address and not just the 'advertised' one 
  • it may have poor spelling or grammar, or use a lot of capitalisation 
  • there may be a threat – e.g. click on the link now or your account will be suspended; or 
  • there is no further contact information.
You can find more advice on dealing with phishing on the IT website.

Posted in: