Report Incident


Have you ever had your email account hacked?

Yes, but only once.
Yes, several times.
No, never.
Not that I know of.
Icon representing NFIB Alert - Phishing Scam targeting universities

NFIB Alert - Phishing Scam targeting universities

HR Department Pay Rise University Spear-Phishing Alert
On behalf of the National Fraud Intelligence Bureau, please find attached information relating to a Phishing Campaign

Fraudsters are sending out a high number of phishing emails to university email addresses claiming to be from their own HR department. These email addresses are either spoofed or in some cases using compromised university email accounts.

The email claims that the recipient is entitled to a pay rise from their department and to click on a link to claim the pay rise.

This link then takes you to a spoofed university website telling you to enter to your personal details (including university login details and financial information). These financial details can then be used by criminals, and the login details are usually passed around and sold for future fraud campaigns.


It is advisable that all universities prompt all staff and students change any password associated with their university email/IT accounts. Due to potential data breaches, it is recommended that universities discuss with the IT departments about issuing a mandatory password reset for all users.

Please also consider the following actions:
  • Don’t click on links or open any attachments you receive in unsolicited emails or SMS messages. Remember that fraudsters can ‘spoof’ an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of communication. Information on how to locate email headers can be found at https://mxtoolbox.com/Public/Content/EmailHeaders/
  • Use strong passwords which include a mixture of letters, numbers and special characters, and include both upper and lower case characters. Furthermore, it is encouraged that random words as opposed to passwords with personal meanings (e.g. children’s names)
  • Always install software updates as soon as they become available. Whether you are updating the operating system or an application, the update will often include fixes for critical security vulnerabilities.
  • If you think your bank details have been compromised, you should immediately contact your bank.
  • If you have been affected by this, or any other fraud, report it to your local police force via 101 or Action Fraud by calling 0300 123 2040, or visiting www.actionfraud.police.uk.