26th March 2021

UoM students targeted in phishing attack

Think you fell victim to the latest student phishing attack? Find out what happened and what you can do about it.
UoM students targeted in phishing attack
Photo: betacontinua @ flickr

Last week, many UoM students were emailed a suspicious link asking them to log in with their details. This phishing attack fooled many students, and left many others asking: what are these attacks? How do you spot them?What should you do if you’ve been taken in?

What is phishing?

The National Cyber Security Centre defines phishing as “when criminals attempt to trick people into doing ‘the wrong thing’, such as clicking a link to a dodgy website”.

The attack can be sent via email, text or social media. In the case of last week’s attack, students received an email asking them to log into their university account using a link embedded in the email.

Most of these attacks aim to collect sensitive information about the target. In last week’s attack, it was student login details, but some may want to collect financial information, or send a virus as an email attachment.

Phishing attacks are one of the most common types of cyber attacks. In 2020, a survey by the Department of Digital Culture, Media & Sport showed that phishing accounts for more than 80% of cybersecurity attacks.

How can you protect yourself?

There are various ways to effectively identify attacks. You should:

Read the link

Photo: Santeri Viinamäki @ Wikimedia Commons

If the link doesn’t start with HTTPS, it is probably an unsafe website. Some modern browsers will warn you when you try to enter these sites. However, this doesn’t mean every HTTPS website is safe to click on. The attacker who targeted the university used an HTTPS link.

Check the website’s appearance

This is one of the most obvious ways to detect if a website is fake. If it doesn’t look like the original website, it is probably a phishing site. Be aware that this doesn’t mean if the website looks the same, then it is fine to share your details. More sophisticated attackers will try to make their website look as legitimate as possible.

Question what they’ve asked you to do

Companies don’t usually ask you to log in for security breaches, or ask for personal details via email. However, this is one of the most commonly fallen-for scams.

Attackers usually disguise themselves as your personal bank, and ask you to change your password or verify a transaction. Before you click on these links, be familiar with how the institution you are dealing with operates.

If you have concerns, it’s a very good idea to look up the institution’s guide, or call their helpline before clicking on such links

Keep personal information private

Photo: mohammed_hassan @ pixabay

Be aware of the personal details you display in your social media accounts. It is very easy for attackers to target you using available public information.

What should do if you’re attacked?

Photo: @piqsels

If you were one of the students who logged into the suspicious link last week, here is what you need to do:

  1. Make sure that you change your university password following this guide. If you have the same password or a similar one somewhere else, you should change that as well.
  2. Contact the IT department immediately on +44 (0) 161 306 5544 and report the incident to [email protected] following these instructions.

If you’ve fallen victim to another scam, running your antivirus software and reporting any financial theft to Action fraud is incredibly helpful.

Society has suffered a huge increase in cyber attacks in recent years, but that does not have to lead to an increase in victims. Awareness and education are the key to keeping us safe online.

More Coverage

Mummies, meteorites and mammals: What do Manchester Museum’s collections teach scientists?

Following the reopening of the Manchester Museum, we looked at the science behind the discoveries, from human remains, animal specimens and historical objects.

Forever chemicals: New study begins to unravel exactly how PFAS affect our bodies

A new study has revealed the effect of PFAS, known as “forever chemicals”, on our natural biological processes for the first time.

Clean air, clean mind: The impact of air pollution on our brains

We know that air pollution has negative consequences on human health, but how does it affect our thinking and cognitive abilities?

That’s Science: Manchester student science podcast

In the age of podcasts, University of Manchester students Amelia Doran and Susan O’Flynn have recorded, edited and produced a refreshing take on the nature and history of science.

Copyright © The Mancunion
Powered By Spotlight Studios

0161 275 2930  University of Manchester’s Students’ Union, Oxford Rd, Manchester M13 9PR