Don’t get caught in the net: how to avoid phishing scams

The University has strong security in place to help protect you from scams targeting your University accounts, but we need your help to make sure you don’t become a victim to phishing attacks.

  • Phishing attacks are a type of criminal activity that will steal your passwords, bank details or money.
  • The attackers will claim to be from a trustworthy source such as the University of Sheffield, the Student Loans Company, or your bank.
  • The attackers will use convincing and persuasive emails, social media or phone calls.

These attacks often increase at the start of the academic year and have become more and more sophisticated.

Follow this advice to help prevent scams:

  1. Remember that the University will never call or email you asking for passwords, bank details or other sensitive information
  2. Don’t open or respond to emails which you suspect as being a scam.
  3. Don’t open attachments that have been sent to you by unknown sources or click on unknown links.
  4. Be wary of the sender’s email address and any web links that you are sent - even a single character out of place may mean it’s fake.

More advice on how to spot a phishing attempt

What to do if you think you've been phished

If you receive an email that you suspect is a phishing attempt, forward it to

If you suspect that you may have fallen victim to a phishing attempt, entered any personal information, or opened and downloaded any attachments from a suspicious email, please contact the CiCS Helpdesk immediately on +44 (0)114 222 1111.

Watch the Scamspotting film