Information Services has recently received reports of ‘spoofed’ email addresses being used to gain confidential information from members of staff.

A spoofed email address appears to be registered to an individual who works for the University (usually someone senior) but is not. In the reports we’ve had, an unknown individual has set up an email address which appears to be from senior members of the University.

Your Outlook Inbox displays the ‘from’ name rather than the ‘from’ email address. When you open the email in a new window you will see the email header. This is where the ‘from’ email address is displayed as highlighted below:

Example:

From: Sam Passingham <quickreply92873@aol.com>
Sent: 13 February 2017 09:45

The email message is likely to be short and ask a simple question in order to prompt an email exchange, during which more detailed information can be obtained. This type of email fraud is considered ‘social engineering’.

How to seek help and advice

If you are unsure about an email you have received, do not hesitate to contact the IT Service Desk or your local IT support team. General advice on avoiding being caught by phishing attempts is featured on our cyber security webpages.