Instances of the phishing email have been removed, and the website attempting to trick users into disclosing personal information was blocked through the University campus network, through opening the link in Office 365, and by the University Sophos anti-virus software.
Anybody who is concerned they may have been affected by disclosing personal information is encouraged to utilise the UK's national Action Fraud resource, which can be found at https://www.actionfraud.police.uk
• Telephone the IT Service Desk urgently if you have entered your username/password into a fake login site, or if you have opened a suspect attachment on an email - do not email the IT Service Desk in these situations, instead telephone them or live chat them as a speedy response can be important • Inform IT about a suspected phishing email by using the Report Message button within Outlook - there is no need to email IT or forward the phish email in addition to this
Posted Aug 02, 2022 - 11:07 BST
We are aware that a number of users have received a phishing email relating to a fictitious staff portal.
These phishing emails have a subject line similar to "PLEASE READ: Important Message" and seem to come from firstname.lastname@example.org. The email refers to an important message from Staff Portal, and asks that the attachment on the email be opened to proceed. The email has an attachment named MyCardiff_Staff_Portal.html which ultimately prompts for username and password.
Work is already underway to find, remove, and block these malicious emails, along with any web addresses they link to.
Search for Scam emails on the staff or student intranet for information on how to spot phishing & scam emails, how to report them, how to get help from IT if affected, and how to stay safe online.
Posted Aug 02, 2022 - 09:50 BST
This incident affects: Communication & Collaboration (Email & Calendar (Outlook)).