Due to a recent phishing incident at the University, we would like to remind everyone to be vigilant when clicking links or attachments in email. “Phishing" the most common type of cyber-attack can take many forms, but ultimately has one aim – misguiding you to provide or share sensitive information such as login credentials.

“Phishing” emails impersonate a real company or service used by the University to obtain your login credentials. Typically, they request you verify your account details via a link taking you to an imposter login screen that delivers your information directly to the attackers. In the recent attack the hacker used a “Shared Document” phishing method, sharing a document link which once clicked requested the recipient’s university credentials to access the content:

Example of an image used in a phishing email. The image was created to appear like a document sharing icon.

Phishing emails come in many forms, so vigilance is key. Although the University has robust controls to help protect our networks and computers from cyber-threats, with the changing methods of cyber-attacks we rely our staff and students to be our first line of defence.

What you can do

  • Do not click on links or attachments from senders that you do not recognise.
  • Be vigilant with unusual requests from the sender, or content which does not typically relate to their area of business.
  • Do not provide sensitive personal information (like usernames and passwords) over email.
  • Watch for email senders that use suspicious or misleading domain names.
  • Inspect URLs carefully to make sure they’re legitimate and not imposter sites.
  • Do not try to open any shared document that you’re not expecting to receive.
  • If you can’t tell if an email is legitimate or not, please contact it.helpdesk@essex.ac.uk for advice.

Be especially cautious when opening attachments or clicking links if you receive an email containing a warning banner indicating that it originated from an external source.

You can find out more about how to stay secure online and protect yourself from scams and fraud on our Staff Directory.

Thanks again for helping to keep our network, and our people, safe from these cyber threats.