The University of Southampton, along with a large number of other educational institutions, has been subjected to an intense email phishing attack. As a result, a large number of University email accounts have been used for further spamming and phishing attacks to both internal (@soton.ac.uk) and external email addresses.
It is important that you are vigilant and always look out for these kinds of messages and DO NOT click on any links or password prompts from those emails.
What might the current phishing email look like?
The recent phishing attack will appear to come from someone that you know, with a convincing email subject. When you open the email, it will appear blank and will request that you click a link to fully read the email.
DO NOT under any circumstance click the link as it is possible that your username and password may be stolen and used maliciously.
- The University will never ask you to confirm your account or password via email.
- Any email that requests you to click a link to read the contents of an email will be malicious.
The message will appear as follows:
What should I do if I receive this email?
Do not click the link or respond to the email in any way. If you are ever unsure about the authenticity of an email, please check with ServiceLine via the portal or on ext: 25656 before proceeding.
If you have clicked on such a link, please go to Subscribe Self-Service immediately and change your password.
If you do receive this email, help us by reporting it using the “Report Message” feature found in your Outlook toolbar (choose “Junk” for standard spam, and “Phishing” for these kinds of messages). This feature is available on Office 365, Outlook 2013, 2016 onwards; if it is not available on your email client, you can report it using the web version, Outlook online:
If you are using Outlook online, you will find the options under the “Junk” drop-down menu:
If you have associated your University account with any other service and have used the same password elsewhere (for example, Amazon, eBay, PayPal, etc.), you are advised to change those passwords immediately. Best practice is to have a different password for each of these services.
What are the implications if your account is compromised?
When a large number of University email addresses are compromised and used for spamming and phishing attacks, other email services will be aware of this and may block all email addresses from the University reaching their users or customers. This will prevent you and others from communicating with other institutions, suppliers, colleagues, and family via email for a period of time.
Your email account will also be blocked by Microsoft for a period of time, preventing you from emailing anyone, until they ascertain that the account is secure.
Data could be taken from your account and then used fraudulently.
The University has no control over any of the above scenarios. However, we would like to assure you that we are working hard to resolve this issue in order to minimise the effect on the University community.
For further advice on how to spot a phishing email and how to protect yourself online please visit our page on keeping safe online.