Advice on fraud and scams and how to spot suspicious emails and calls

Starting university and perhaps living away from home for the first time is a milestone moment for many – and one we want you to enjoy!

But with your independence comes an increased risk of you falling foul of scams and frauds that you may not have encountered to date. Unfortunately this type of behaviour towards students is an ever-growing risk…but there are plenty of ways you can protect yourself.

The most common ways students will be targeted is by email or over the phone. Here’s what you need to be aware of:

Phone scams

The most common phone scams include:

  • ‘SMiSHing’ (SMS phishing) – when a scammer sends texts asking for sensitive information like your personal or financial details. These often look like they’re from a legitimate company. Don’t reply, delete the message instead.
  • Callers claiming to be from UK government bodies, for example, HMRC, telling you that you must pay an outstanding tax bill.
  • Scams offering compensation for an accident (real or not) that you’ve had. Again, don’t reply to these, not even if the text asks you to reply ‘STOP’ to opt-out of further messages. Just delete the message.
  • Scammers accessing your personal and private information when you are using public WiFi. Be aware of your surroundings and of who’s around you when using a mobile device to go online in public. Don’t, where possible, share personal information when you’re using a public WiFi connection.

If you or someone you know is approached with these types of calls or messages, stop all contact and ask for advice from someone you trust. Criminals operate in silence. If you talk about it, you raise awareness and help protect others.

Report it by calling local Police on 101 or 999 in an emergency.

Contact the independent charity CrimeStoppers anonymously online or by calling 0800 555 111.

Email scams

Despite the best efforts of robust University systems, we know from experience that scammers target students with malicious emails. Unfortunately, this leads some people to become victims of fraud.

A phishing email is a fake email message that claims to be from an organisation you may trust. For example, a company, bank, government or from the University. A phishing email will often ask you to provide or “verify” personal or account details by clicking on a link or replying to the email. You should always be vigilant. Check your emails to see if they are genuine and make sure you don’t give out personal information. To help you stay safe, follow these top tips:

  • Check all links within emails before clicking on them. To check a link before clicking on it, hover your mouse over the link. When you hover over the link, you should see the web address appear in a preview box. It may well be different from the visible text that you can see in the email. This can give you a clue that the email is not genuine.
  • Never give out your personal information. Legitimate organisations never ask for your personal details by email. For example, a bank would never ask for your bank account, PIN, password or contact details via email. In doubt? Ring the organisation using the phone number advertised on their main website or visit their official webpage instead.
  • Do not open attachments from people you don’t know or if you’re not expecting them. Your bank, the government, and reputable companies like the Royal Mail, eBay or Amazon, rarely send attachments.
  • Watch out for instructions like “verify your account” or ‘”if you don’t respond within xx hours, your account will be closed’” An example of this would be: “Your library account has expired, therefore you must reactivate it immediately or it will be closed automatically. If you intend to use this service in the future, you must take action at once. To reactivate your account, simply visit the following page and log in with your library account”.
  • Look out for spelling mistakes and poor grammar. If the email is poorly written this may be a sign that the message is a phishing email.
  • In doubt? Don’t engage with the email. Don’t open attachments or follow any links. If you want to check to see if the email is genuine, contact the organisation that appears to have sent it by visiting their official website to find their genuine contact details. If you are still in any doubt, get in touch with the IT Service Desk for advice about whether the email is malicious or not.

Enhanced security on Wi-Fi

To help support your online safety, IT Services is enhancing security on the student Wi-Fi network. This will mean that access to websites which have been categorised as containing potentially inappropriate or harmful content will prevented, in line with the guidance set out in the Acceptable Use Policy (AUP). 

Extra help on offer

IT Services is providing access to useful training which will help you stay safe and vigilant both when using the internet and in everyday interactions, reducing the risk that you will be subjected to a malicious scam. The training will also teach you how to report potential security threats so that they can monitor risks and continue working hard to keep you safe.

The training is available on Canvas. The simplest way to access the training is to log into Canvas and search for the KnowHow course you’re enrolled in, which will be called KnowHow: Study for Success. (PG students need to search for your KnowHow PGT course). The Cyber Security training can be found in the Digital Skills section of your course.

***

Everything you need to know about Welcome

There’s plenty to keep on top of while you get ready to join us this September. Remember, all the important information you need to access before you arrive is available on our welcome webpages and via the links below.

Visit our Welcome webpages

We will be in regular contact with you over the next few weeks, so keep an eye on your emails; we’re looking forward to seeing you soon!