(Image extracted from: http://www.mcsmetro.com/business-email.php)
Street and petty crimes in the UK have declined over the years, thanks to the vigilance of agencies responsible for maintaining law & order. Unfortunately, the same cannot be said about the virtual world, where crimes like phishing attacks have consistently been on the rise for the past many years. Not only are such attacks on the rise, but they are getting more intelligent. The intelligence on the criminal's part and the carelessness on the victim's part make the situation even more miserable than it already is.
Shockingly, it appears that students are the new favourite targets of cyber criminals. The attacks specifically aimed at students cunningly dupe them into sharing their intimate details without them even knowing about it. Furthermore, phishing attacks are also being used to virtually hijack computers and devices by encrypting the information contained on them. As you may have guessed it, the hijack comes to an end with the victim paying a ransom fee to the hijacker for restoring his access back to his data.
Spam Email Phishing Attacks:
According to a report released by National Fraud & Cyber Crime Reporting Centre, students in the UK's universities are being hit by a new wave of phishing emails that claim to offer a scholarship or an educational grant. The phishing email takes them to a fake website where they are deceived into revealing their personal information such as bank details. The emails are designed to look very professional, similar to the ones usually sent by the finance department of a university. Such forgeries are difficult for students to detect without detailed scrutiny of the email headers, which is usually obscure to most people.
Here are some common examples of phishing messages aimed at persuading students to visit completely fake but genuine looking websites where they are swindled into sharing their confidential information by filling out a form of sorts:
- "There is some problem with your account and you must verify your details or the account will expire soon"
- "The university offers educational grant to new students this year. Interested students can fill out the attached form to apply till tomorrow (or any specified date)"
We are all aware of the fact that not every student can bear the cost of university education and they are always on the hunt for a full or partial scholarship, or any sort of endowment to facilitate their university education. This makes them especially vulnerable to phishing attacks. The Students Loan Company has said that students are particularly targeted around their main payment dates in September, January and April.
How to Spot a Phishing Email?
Several universities in the UK, such as Queen Mary University of London, University of Manchester, University of Exeter, University of Warwick, University of Edinburgh and others have been very vocal on this issue and ran an awareness campaign to assist students avoid phishing emails. University of Cardiff illustrated several measures to help students identify the authenticity of the email, which even might reflect a university's mailing address.
(extracted from University of Cardiff)
- Source Email Address: Notice the sender's mailing address firstname.lastname@example.org. This is an email address with a misleading variation. The original email address is cardiff.ac.uk
- NEVER share your passwords with anybody. A legitimate person, such as university's IT/Finance support personnel, will never ask you to reveal your password.
Note: If you or you colleagues have not gone through any orientation regarding phishing scams, refer to the concerned University Staff. Stay Safe!