Online Fraud

Phishing refers to online fraud, in which criminals try to trick you into revealing bank details or email account details, for the purposes of theft and fraud. See the video below:

Spotting a phishing scam

The fraudsters copy branding (such as the Google logo or the University crest) to create convincing emails and websites. Some simple steps to identify a phishing email, along with a screencast, are available on the webpage below.

You may also receive unsolicited telephone calls warning you that your computer has a virus or that there has been a problem with your bank account. The important thing to note is that the phone call will be unsolicited and ask for confidential information or access to your computer.

What action to take

Never respond to an unsolicited request for confidential information (for example your bank account details or your password) no matter how convincing or intimidating the person contacting you is. If you are in any doubt you should contact the organisation directly using a trusted means of communication.

If you think you have received a phishing email please forward it on to the CiCS Helpdesk for further investigation - phishing@sheffield.ac.uk

If you have responded with your University account details you must change your University password immediately and contact the CiCS Helpdesk for further advice on securing your account.

Student loans

Students must be particularly careful when responding to any message relating to their student loans. Neither the Student Loan Company nor the University will ever ask for bank details or personal information by email. 

Stopping phishing

Phishing scams can bring in many millions of pounds from their victims. The good news is that by reporting phishing attempts promptly we are able to greatly reduce the local impact by blocking the senders and warning our staff and students. Where we are able to identify a serious threat it is reported to the appropriate authorities for further investigation and action.