Skip to main content

Beware of phishing and fraud

A summary of common phishing attacks aimed at students. The University or the Students Loans Company (SLC) will never contact you for your login or password.

What to look out for

Fraudsters have been sending phishing emails to students attempting to access online student accounts and change bank details in order to take money.


The fraudsters have been posing as the Student Loans Company (SLC) or the University asking for personal information, but other fake identities may be used.

The Student Loans Company (SLC) and the University will never ask you to confirm your login and password or ask for bank details or personal information by email, so any that you receive asking you to confirm this information is bogus.

Don't take the bait!

Make yourself aware of the scam techniques used by fraudsters, so you're less likely to be tricked by a phishing scam.


What to do if you receive such an email

You're most likely to be targeted with phishing emails in the weeks leading up to a grant or loan payment date so please be especially vigilant at these times.


If you receive an email posing as the Student Loans Company (SLC) then forward it to phishing@slc.co.uk. The SLC will then investigate. More information is available from the SLC website.

Scams targeted at International Students

There have been recent reports of a number of International Students receiving phone calls or emails from someone claiming to be from the Home Office.


Please be aware that scams can be very sophisticated and can appear to be from a Home Office telephone number or email address.

Please see guidance from the Home Office with regards to fraud, tricks and scams.

If you receive a call or email requesting money from someone claiming to be from the Home Office, and you are not sure whether it is genuine, please contact the Student Immigration Service. They can advise you whether it is likely to be genuine or a scam.

If you are a Chinese student please see this information from UKCISA regarding a scam specifically targeting Chinese students.


Email Sextortion

Email sextortion is a social engineering attack carried out by email making allegations of cybersex.


It is typically a targeted attack using email addresses harvested in a data breach. An example would be threats to release webcam images of the recipient if payment is not made to the sender. More information and advice about what to do if it happens to you is available on the University's wiki pages.


Money mules and money laundering

A money mule is someone who is asked by a third party to receive money into their bank account and transfer it onto another account, keeping some of the cash for themselves.


Fraudsters may ask you to receive money into your bank account and transfer it into another account, keeping some of the cash for yourself. If you let this happen, you’re a money mule. You’re involved in money laundering, which is a crime.

You can be approached online or in person. They might post what looks like a genuine job ad, then ask for your bank details.

Don’t Be Fooled by offers of quick cash.

The Get Safe Online website has general advice about staying safe online.

If you should find yourself in financial difficulty as a result of a phishing incident, please contact Student Money Advice for guidance and support. You may be eligible for a short-term loan or a hardship payment.

Find out more about protecting yourself from fraud.

Visit go.bath.ac.uk/staysafeonline to view top tips to stay safe online.

Contact us

You can contact us for help and advice in person by visiting the IT Service Desk on level 2 of the Library. Alternatively, please complete our IT Help Form.