Email scammers target UK universities, especially new students, with the hope of tricking you into giving up personal information.
Phishing emails are false (scam) emails designed to look genuine in an attempt to steal personal details such as passwords and bank account details.
Remember – we will never ask you for your password.
How you can stay aware
If you receive an email you are not sure about, ask yourself whether it is an email you would expect to receive. Does it sound too good to be true? Had you applied for a grant or entered a prize draw? If the answer is no, then be suspicious of the content.
Check that the sender address matches the originating institution. Many of the emails, whilst claiming to come from Cardiff University, will have originated from outside the University and will have a non-Cardiff address, including those of other universities, Gmail, Hotmail, etc. Cardiff University addresses will end with @cardiff.ac.uk or @caerdydd.ac.uk.
Look for poor grammar or spelling. This is often a warning sign that the email is not genuine.
Like your bank, we will never use an unsolicited email to ask you to confirm personal details such as your driving licence number, National Insurance number or mother's maiden name. Any email asking for this level of detail is likely to be a phishing email – be suspicious of it.
What you should do
If you get a suspicious email, do not reply to it or follow any links within it as the links are likely to be false.
Instead, visit the website or contact the company directly. If genuine, the company will be able to confirm the details for you. For example, if you receive an email from PayPal that you are suspicious of, log into PayPal and see if the same message is displayed in your account.
If you're concerned that you have fallen for a phishing scam, and you have entered your bank account details, contact your bank immediately to warn them of the threat.
Install anti-virus software – it’s free whilst you are studying here – and keep it up to date. Simply log into the student intranet and search for ‘Sophos’.
If you have any concerns about any suspicious emails you receive, or if you have any questions or concerns about phishing, please contact the IT Service Desk: