We use cookies to improve your experience. By continuing to browse this site, you are agreeing to our use of cookies. Find out more Accept and Close
Non-Emergency Enquiries: 101

Phishing

Phishing is a method used by fraudsters to access valuable personal details, such as usernames and passwords.

These can have a monetary value to criminals. Phishing can also involve sending malicious attachments or website links in an effort to infect computers or mobile devices. Criminals often send bogus communications, ie. emails, letters, instant messages or text messages, which appear to be authentic communications from legitimate organisations.

What to look out for and what to do if you receive a phishing message:

Identity Theft IconBe Aware and Pro-active

When responding to emails never give your login or personal details. If you receive an email from a company that claims to be legitimate but is requesting these details, or a contact number tell them you will call them back. Use a contact number for the organisation that you have found correctly.

Use Your Spam Filter

If you detect a phishing email, mark the message as spam and delete it. This ensures that the message cannot reach your inbox in future.

Know Your Source

Never respond to a message from an unknown source. Take care not to click any embedded links.

Safety tips:

  • Phishing is still a threat. Always remember that banks will never contact their customers by email to ask for passwords or any other sensitive information by clicking on a link and visiting a website.
  • The email address that appears in the 'from' field of an email is not a guarantee that the email came from the person or organisation that it claims to have originated from.
  • Fraudsters are unlikely to know your real name, so the email may address you in vague terms, for example 'Dear Valued Customer'.
  • Phishing emails will probably contain odd 'spe11ings' or 'cApitALs in the 'subject' box and contain spelling or grammatical errors in the email - this is an attempt to get around spam filters and into your inbox.

If you are a victim of a phishing scam you should report it to Action Fraud.

Advice for students to be aware of phising scam

University students in Staffordshire and the UK are being warned about a phishing scam by fraudsters as part of a new campaign being launched by the National Fraud Intelligence Bureau.

As part of the scam, students will receive a fake email from the finance department of their University saying that they have been awarded an educational grant.

When the recipient clicks on the link, they are asked to supply personal information and banking details such as usernames, passwords and credit card information which can then be used to defraud the person involved.

Phishing is a method used by fraudsters to access valuable personal details about an individual which can be used for various reasons including stealing money or to infect computers and mobile devices.

You should never provide any personal information or financial details to anyone unless you are absolutely sure it is safe to do so.

If you believe you have been the victim of phishing or any other type of fraud, you should report it to Action Fraud on 0300 123 2040 or online at Action Fraud.

For more information about the campaign, please visit the National Fraud Intelligence Bureau's website.

Students to be Aware of Phishing Campaign

University students in Staffordshire and the UK are being warned by the National Fraud Intelligence Bureau about a phishing scam by fraudsters.

As part of the scam, students will receive a fake email from the finance department of their University saying that they have been awarded an educational grant.

When the recipient clicks on the link, they are asked to supply personal information and banking details such as usernames, passwords and credit card information which can then be used to defraud the person involved.

Phishing is a method used by fraudsters to access valuable personal details about an individual which can be used for various reasons including stealing money or to infect computers and mobile devices.

You should never provide any personal information or financial details to anyone unless you are absolutely sure it is safe to do so.

If you believe you have been the victim of phishing or any other type of fraud, you should report it to Action Fraud on 0300 123 2040 or online at Action Fraud.

For more information about the campaign, please visit the National Fraud Intelligence Bureau's website.

Phishing Email Warning - Speeding Notification

People are being warned of fraudsters sending out phishing emails purporting to be from a police force. The message includes a subject heading 'Notice of Intended Prosecution' and 'NIP - Notice Number' followed by a combination of letters and numbers, details of the offence and a 'Check the Photographic Evidence Link.'

It is believed that the URL hidden behind the line 'Check The Photographic Evidence' delivers a Banking Trojan which is involved in stealing online banking login details from victims.

Protection/Prevention Advice

  • Don't click on links or open any attachments you receive in unsolicited emails or SMS messages. Remember that fraudsters can 'spoof' an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of communication.
  • Always install software updates as soon as they become available. Whether you are updating the operating system or an application, the update will often include fixes for critical security vulnerabilities.
  • Create regular backups of your important files to an external hard drive, memory stick or online storage provider. It's important that the device you back up to is not left connected to your computer as any malware infection could spread to that as well.
  • If you think your bank details have been compromised, you should immediately contact your bank.
  • If you have been affected by this, or any other fraud, report it to Action Fraud by calling 0300 123 2040, or visit Action Fraud.

Department of Education - Phishing Alert

People are being warned of fraudsters calling education establishments claiming to be from the Department of Education. They then ask to be given the personal email and/or phone number of the head teacher/financial administrator.

The fraudsters claim that they need to send guidance forms to the head teacher (these so far have varied from exam guidance to mental health assessments). The scammers on the phone will claim that they need to send these documents directly to the head teacher and not to a generic school inbox, using the argument that they contain sensitive information.'

The emails will include an attachment - a .zip file (potentially masked as an Excel or Word document). This attachment will contain ransomware, that once downloaded will encrypt files and demand money (up to £8000) to recover the files.

It should be noted that similar scam attempts have been made recently by fraudsters claiming to be from the Department for Work and Pensions and telecoms providers (in this case they ask to speak to the head teacher about 'internet systems').

Protection/Prevention Advice

Having up-to-date virus protection is essential; however it will not always prevent you from becoming infected.

Please consider the following actions:

  • Although the scammers may know personal details about the head teacher and use these to convince you they are a real employee, be mindful of where these have been obtained from, are these listed on your public facing website?
  • Please note that the "Department of Education" is not a real government department (the real name is the "Department for Education").
  • Don't click on links or open any attachments you receive in unsolicited emails or SMS messages. Remember that fraudsters can 'spoof' an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of communication.
  • Always install software updates as soon as they become available. Whether you are updating the operating system or an application, the update will often include fixes for critical security vulnerabilities.
  • Create regular backups of your important files to an external hard drive, memory stick or online storage provider. It's important that the device you back up to aren't left connected to your computer as any malware infection could spread to that too.
  • Do not pay extortion demands as this only feeds into criminals' hands, and there's no guarantee that access to your files will be restored if you do pay.
  • If you think your bank details have been compromised, you should immediately contact your bank.
  • If you have been affected by this, or any other fraud, report it to Action Fraud by calling 0300 123 2040, or visit Action Fraud.