University of Bath students and staff may be targeted by ‘phishing’ attacks – emails pretending to come from the Library, IT services or other university professional services.
We’d like to remind all users of the official advice offered by the Digital, Data & Technology (DD&T) Group detailed here:
[The University] will never ask for your login details or personal information by email. If you get an email like this, it could be an attempt at fraud known as ‘phishing’.
The phishing email is usually an urgent message with a link to a website that copies an official page, but is actually fake, such as the University login portal. The fraudster will try to trick you into entering [personal] information that is useful to gain access to any of your accounts or financial information […].
If you have followed a link in a phishing email
- If you have entered any financial details, contact your bank immediately and tell them that you have been the victim of an email scam. Do not wait to contact DD&T before doing this.
- If you have entered your University password, change it using Account Manager. If you have used this password on other accounts, change it on those as well.
- Contact the Service Desk so we can advise you what to do next.
- Run a full antivirus scan on your computer or device.
The library does send a number of automated advisory emails about borrower accounts, reservations and item recalls. However, the Library would never have any reason to ask you for your IT password OR to login to any online portal or borrower account to confirm your account status or re-register for library membership or access to online resources.
If you are ever in doubt about an email you’ve received, please visit the University homepage and look for a contact email or phone number to follow up with a member of University staff directly – do not use any emails or weblinks provided in the suspicious email. The Library can be reached via email@example.com