Skip to navigation | Skip to main content | Skip to footer
Menu
Search the University of Manchester siteSearch Menu StaffNet

Beware of phishing emails!

13 May 2010

Don't let your University account be hijacked

keyboard

Do not respond to ‘phishing’ emails.

Protect your IT password.

You should delete immediately any e-mails appearing to come from the University's IT Services which:

  • Ask for your username and password
  • Take you to a webmail login page
  • Threaten loss of e-mail/network access if you do not respond

These e-mails are sent as part of a criminal activity known as ‘phishing’ and you should never respond to them with your account details.

Please remember that:

  • Your password is personal and should not be revealed to anyone else for any reason.
  • University IT staff should never ask for your password and certainly not by e-mail or other electronic means.
  • If IT staff need to use your account, they can change your password and you can re-set it afterwards.

Phishing e-mails are sent by individuals or groups who assume the identity of a legitimate organisation or website, using forged e-mail and/or web pages. They persuade users to share their usernames and passwords (and often personal financial information) and then use them to commit fraud. This is also known as ‘identity theft’.

Recent phishing attacks on the University have become more sophisticated and it is sometimes quite difficult to spot if the message is genuine or not. This is especially true if they ask you to click on a web link and it appears to take you to the webmail login page. 

Please play your part in protecting the reputation of the University and fighting the fraudsters by keeping your password to yourself.