Skip to navigation | Skip to main content | Skip to footer
Search the University of Manchester siteSearch Menu StaffNet
Search type

Beware of fake ‘phishing’ emails claiming to be from the University

31 Jul 2020

IT Services sees an increase in reported phishing emails – please remain vigilant

two fishermen fishing

One particular scam, that was first seen at our University some months ago, is reportedly back. The content of the emails is quite convincing and they look to be signed by the Pensions Office. However, upon closer inspection they do not come from a email address – which is an indication that something is not right, and that the email could be fake.  

These emails are part of a global malicious software (malware) campaign known as Emotet, affecting users across the world and targeting individuals, businesses and government organisations. The Emotet malware generates emails from random email addresses, but includes previous email correspondence captured from compromised computers, which makes them seem more legitimate and spreads another type of malware – a Trojan virus called TrickBot. IT Services are actively investigating the source of these emails to block and remove them.  

How to report phishing emails

Phishing messages are emails that try to trick you into giving out personal information, or visiting fake websites. If you receive an email which appears to come from the Pensions Office (or anywhere else at the University), and it is not from an email address, do not click on any links or open any attachments in the message. Instead, forward the email as an attachment using the following steps in Microsoft Outlook: 

  1. Select the junk email message 
  2. Click 'More' (usually next to the 'Forward' button) and select 'Forward as attachment' 
  3. In the new message window that pops up, send the email to:

It’s important that you forward as an attachment so that IT Services have all the information they need to investigate exactly where the email came from – if you don’t forward it as an attachment, the sender information is lost. You don't need to explain why you've sent the message – everything we need to know will be in that attachment.  

Do not click on any links! 

Responding to a phishing attack, or even just clicking on a link in a fake email can: 

  • Release your personal details to someone who may use them fraudulently
  • Encrypt your files and folders, demanding that a 'ransom' fee be paid to revert the damage
  • Stop your computer from working completely

Help! I clicked the link… 

If you think you’re a victim of a phishing email, or that your computer has become infected, telephone the IT Support Centre immediately on +44(0)161 306 5544. 

If you receive a suspicious email, do not click on any links and do not reply – let IT Services know by following the instructions on the email phishing information page: