Reminder: beware of phishing emails and scams

As we head towards the summer, we're reminding students to be aware of phishing emails sent to their inboxes. 

Current scam requesting LJMU students to complete their yearbook 

We've been alerted to a specific email scam targeting students, asking them to buy a yearbook. The sender appears as registration@my-yearbook.com, and the email subject is 'Complete Your Yearbook account.'

The email asks you to fill in a form with personal details, including your name, mobile phone number, personal and university email address, profile picture, and the degree you have achieved. The form also requires you to pay either a £5 or £10 fee, which the scammers then use to set up recurring payments from your account. If you have received this email, do not click on any links or enter your information in the form; just delete the email. 

Phishing is a type of cyberattack where someone attempts to deceive an individual into revealing personal information, such as passwords, login credentials, or bank card information. This is typically done via emails, text messages, or phone calls, which can appear convincing but are malicious.  

How to Spot a Phishing Email 

• Address of sender – Check if their email is legitimate. Is everything in it spelt correctly, or is there something suspicious about it? 
• Urgency – Phishing emails can use tight deadlines to create a sense of urgency and pressure you into taking immediate action. 
• Greetings – Be cautious if the email has a generic greeting such as 'Dear valued customer' or 'Dear colleague,' as this could indicate the sender does not know who you are. 
• Spelling and grammar – Poor grammar, spelling mistakes, or unusual sentence structures can signify a phishing attempt. 
• Unfamiliar links and URLs – Hover over links to see if the URL matches the official website's URL – if it doesn't, don't click it. 
• Requests for sensitive information – They are trying to trick you into giving your details. 

How to Deal with Suspicious Emails 

Our advice to students affected by this scam is to delete the email.  

What to Do if You've Already Clicked 

If you've clicked on a phishing link, it's important not to panic but to act quickly to minimise potential damage. Students should either go to the library for support or use the "Ask for Help with IT" option on the Student Help IT page and not to ITS for support at the moment. 

• Change your account passwords to long, strong, unique passwords. 
• Run a full antivirus scan on your device to detect and remove any potential malware. 
• Keep an eye on your accounts for any unauthorised activity. If you notice anything suspicious, report it immediately. 
• If you have provided financial information, contact your bank to secure your account. If you have lost money, report this to Action Fraud. 

For more information, please visit the Privacy and Digital Security webpage.