QMUL students sent phishing emails claiming to be awarding educational grants but really trying to access personal banking details
Over the past couple of weeks, university students have been targeted by a “phishing scam” claiming that they are entitled to an Educational Grant.
QMUL students reported that a link accompanying the email led them to an official looking site which demanded private information such as: address, bank account details, National Insurance Number and even mother’s maiden name. One student commented that the site was cleverly disguised to make it appear as though the message really was from Queen Mary:
“…they were taken to a spoofed website which appeared like a genuine website of their bank, where they were asked to type in their online banking login credentials”.
QMUL students have commented that they themselves or people they know very nearly fell for the scam:
“They target vulnerable students struggling with money, and the fact that it was sent as a QM email made students trust it. The email telling students not to respond to the scam was sent out quite a few days later, too.”
-Usman, John, Luka and Rayan, (Economics)
“There was no warning about these kinds of emails, and the response wasn’t really quick enough. Of course, they weren’t aware of it, but these are the kinds of things they have to be aware of. I know someone who’d put in all their details and only on their own accord reached out to Queen Mary before they’d submitted anything.”
-Roshi (History and Politics) and Wajihah (History)
Queen Mary is not the only university to have been hit by such a phishing scheme, other institutions across the country have both been warned of and spoke out about such email, in particularly the University of Glasgow. Measures have been taken to warn students of this cybercrime. Queen Mary sent out an email to its students to make them aware of the scam and hopefully prevent any further student falling victim to it.
QMUL has issued a statement about the phishing email:
“We were made aware late last week that a number of QMUL students had received these phishing emails. QMUL proactively monitors its systems to prevent and detect breaches, and there is no evidence to suggest any system has been compromised in this instance. A message was sent to all students warning them about the scam and providing them with advice on how they can protect themselves online, including details of our cybersecurity training courses.”
The City of London Police have given QMUL students guidelines on how to interact with phishing scams, emphasising first and foremost the need not to reply to the email or interact with it or any links it may carry. The BBC News, upon reporting the story, have also advised that any suspects be emailed to firstname.lastname@example.org.
Image: Nayara Da Paixão Fakir