Students at UK universities have been warned of a new scam which aims to gain access to their bank accounts.
The phishing campaign sends an email claiming the student has been awarded an educational grant by the Department for Education.
The email purports to have come from the Finance Department of the student’s university and attempts to trick the recipient into clicking on a link which then attempts to extract personal and banking details.
One victim reported that after submitting sensitive information - name, address, date of birth, contact details, telephone provider, bank account details, student ID, National Insurance Number, driving licence number and mother’s maiden name - they were taken to a spoofed website which appeared like a genuine website of their bank, where they were asked to type in their online banking login credentials.
Action Fraud - the National Fraud & Cybercrime Reporting Centre - has issued the following advice to students and indeed anyone on avoiding being scammed.
Do not click on any links or open attachments contained within unsolicited emails.
Do not reply to scam emails or contact the senders in any way.
If an email appears to have come from a person or organisation you know of but the message is unexpected or unusual, contact them directly via another method to confirm that they sent you the email.
If you receive an email which asks you to login to an online account via a link provided in the email, instead of clicking on the link, open your browser and go directly to the company’s website yourself.
If you have clicked on a link in the email, do not supply any information on the website that may open.
If you think you may have compromised the safety of your bank details and/or have lost money due to fraudulent misuse of your cards, you should immediately contact your bank, and report it to Action Fraud.