Phishing scams and fake emails
We will never ask for your login details or personal information by email. If you get an email like this, it could be an attempt at fraud known as 'phishing'.
Phishing is a scam that uses an email pretending to be from the University or another organisation. This email will ask for valuable information like your password or personal details. Scammers can use this information to access your data or expose you to fraud.
The phishing email is usually an urgent message with a link to a website that looks an official page, but is actually fake. The scammer will try to trick you into entering information like:
- your username and password
- financial information, like bank and credit card details
- National Insurance, Social Security or passport numbers
- common security-related questions, like your mother’s maiden name, schools attended or date of birth
Spear phishing is a scam email where the scammers have been able to use some of your person information (for example your name, course of study or job title) to make the email appear more genuine. Do not be fooled. This is still a fake email.
Don’t believe everything you see. Phishing campaigns are using more convincing email addresses, logos and language to trick people and avoid security systems trying to stop them.
Be careful with unexpected email messages – if it looks suspicious, it probably is.
If you think you have received a phishing email
Do not do what the email tells you to do.
In Outlook forward the email as an attachment to email@example.com. You can do this by following these steps in Outlook:
- Select the email you want to forward.
- Select Home tab
- Select the downward arrow beside More
- Select "Forward as Attachment"
- Enter the email address firstname.lastname@example.org
Microsoft provide instructions on how to attach a message to a message if you are using OWA.
After you've forwarded the email, delete it from your inbox.
If you have followed a link in a phishing email
- If you have entered any financial details, contact your bank immediately and tell them that you have been the victim of an email scam. Do not wait to contact us before doing this.
- If you have entered your University password, change it using Account Manager. If you have used this password on other accounts, change it on those as well.
- Contact the Service Desk so we can advise you what to do next.
- Run a full antivirus scan on your computer or device.
How to tell if an email is genuine
Phishing attacks use the fact that most people receive lots of emails and skim-read a lot of them. It's important to carefully read an email to make sure it's genuine.
Check the email greeting
Phishing emails tend to start with generic phrases like:
- 'Dear University member'
- 'Dear valued customer'
- 'Dear student'
- your email account name, like 'Dear abc123'
Check for spelling or grammatical errors
Phishing emails often include typos.
They may also use names that are very similar to real organisations, but with one minor change.
If something sounds too good to be true, it probably is
Emails offering you money or financial opportunities are often fake. For example:
- jobs or grants that you haven't applied for
- lottery wins
- transferring or receiving money for someone else
Look but don’t click
If you are using a computer, hover your mouse over any links in the body of the email. If the link address doesn't look like an official site address or is different to the text description, don’t click on it.
Check for a valid certificate
The University will only ever ask you to type your password into a secure web page on the bath.ac.uk website.
If you open a login page from the email that claims to be part of the University website, make sure it actually is.
- the browser address bar shows a green padlock or certificate description
- the address starts with 'https', such as 'https://auth.bath.ac.uk/'
You can click the green padlock or certificate description to identify that you are on the bath.ac.uk domain.
If you're not sure if an email is genuine, get in touch and we will investigate it.