IT Services | News | Phishing email

Document Actions

Phishing email

An email purporting to be from a Birkbeck lecturer has been sent to a number of staff. It asks them to click on a link in order to access a new email service. Please DO NOT click the link, this is a PHISHING email

A number of you have forwarded an email purporting to be from a lecturer at Birkbeck. Thank you to those of you who spotted this and raised it.

This is a phishing email designed to harvest your login credentials.

It appears the user account of one of our staff may have been compromised and been used to send a large number of phishing emails. In this instance we have blocked the link and will contact anyone who “clicked the link” from a device on the Birkbeck network. The “sender” has also been contacted to make him aware and to change his password.

This serves as a timely reminder of the importance to please keep your password safe – it is important.

Ensure your password is strong, not known to others, and is not easy to guess - see here: 

https://en.wikipedia.org/wiki/List_of_the_most_common_passwords)

If you think your account may have been compromised, you must contact the IT Services helpdesk immediately – details below.

Some identifiers to help spot this as a phishing email:

1. This purports to be about a new email system

       - ITS would normally announce this several times and provide notice

       - ITS would also ensure information were provided in College web-sites as corroboration/further details – for example, visit the IT Services News page to find this article

      http://www.bbk.ac.uk/its/news/phishing-email

2. The use of language is not right – there are a number of grammar and syntactic errors (not that we’re immune to those!). In this type of communication, there would normally be a contact number to speak to the IT Service desk.

3. Hover over the “CLICK-HERE” link (do NOT click it!) – the address shown is not a Birkbeck address. Most legitimate Birkbeck addresses have the following format:

       - something.bbk.ac.uk/furtherdetails

       - something.birkbeck.ac.uk/furtherdetails

We also maintain a list of other sites that are used by Birkbeck here: http://www.bbk.ac.uk/its/services/email/web-sites-linked-in-email-messages

For further information, please view www.bbk.ac.uk/its/services/email/phishing 

If you have any questions, please contact the IT Services team at its@bbk.ac.uk or call 020 7631 6543

Filed under: ,