Skip to main content
University of Bath

Phishing scams and fake emails

We will never ask for your login details or personal information by email. If you get an email like this, it could be an attempt at fraud known as 'phishing'.

Phishing scams


Phishing is a scam that uses an email pretending to be from the University or another organisation. This email will ask for valuable information like your password or personal details. Scammers can use this information to access your data or expose you to fraud.

The phishing email is usually an urgent message with a link to a website that copies an official page, but is actually fake. The scammer will try to trick you into entering information that is useful to gain access to any of your accounts or financial information like:

  • your username and password
  • financial information, like bank and credit card details
  • National Insurance, Social Security or passport numbers
  • common security-related questions, like your mother’s maiden name, schools attended or date of birth

Spear phishing

Spear phishing is a scam email where the scammers have been able to use some of your personal information (for example your name, course of study or job title) to make the email appear more genuine. Do not be fooled. This is still a fake email.

Don’t believe everything you see. Phishing campaigns are using more convincing email addresses, logos and language to trick people and avoid security systems trying to stop them.

Be careful with unexpected email messages – if it looks suspicious, it probably is.

If you think you have received a phishing email

Do not do what the email tells you to do.

In Outlook there is a button on the top right-hand side of your screen called 'Report Message'

When you select this, a drop-down menu will appear with the options:

  • Junk
  • Phishing
  • Not Junk
  • Select the category that your email falls into.

The email will then be forwarded to Microsoft for analysis and our IT Security team. The email will then be automatically deleted from your inbox to keep you safe and secure.

If you have followed a link in a phishing email

  1. If you have entered any financial details, contact your bank immediately and tell them that you have been the victim of an email scam. Do not wait to contact us before doing this.
  2. If you have entered your University password, change it using Account Manager. If you have used this password on other accounts, change it on those as well.
  3. Contact the Service Desk so we can advise you what to do next.
  4. Run a full antivirus scan on your computer or device.

How to tell if an email is genuine

Phishing attacks use the fact that most people receive lots of emails and skim-read a lot of them. It's important to carefully read an email to make sure it's genuine.

Check the email greeting

Phishing emails tend to start with generic phrases like:

  • 'Dear University member'
  • 'Dear valued customer'
  • 'Dear student'
  • your email account name, like 'Dear abc123'

Check for spelling or grammatical errors

Phishing emails used to include typos but standards have improved so they can be difficult to spot.

They often use names that are very similar to real organisations, but with one minor change to make it difficult to tell the difference

If something sounds too good to be true, it probably is

Emails offering you money or financial opportunities are often fake. For example:

  • jobs or grants that you haven't applied for
  • lottery wins
  • transferring or receiving money for someone else

Look but don’t click

If you are using a computer, hover your mouse over any links in the body of the email. If the link address doesn't look like an official site address or is different to the text description, don’t click on it.

Check for a valid certificate

The University will only ever ask you to type your password into a secure web page on the website.

If you open a login page from the email that claims to be part of the University website, make sure it actually is.

Check that:

  • the browser address bar shows a green padlock or certificate description
  • the address starts with 'https', such as ''

You can click the green padlock or certificate description to identify that you are on the domain.

Ask us

If you're not sure if an email is genuine, get in touch and we will investigate it.