Persistent Phishing attack targeting University email accounts

Thu, 10 October 19


Please be alert that there is a high number of malicious phishing emails being sent to University email accounts impersonating senior members of staff. These fraudulent emails are using email addresses containing staff names or names of schools, departments, etc. and some of the emails also contain images of members of staff. The fraudulent emails are requesting everything from fund transfers, changes to bank details, urgently send voucher codes such as iTunes and Steam vouchers, attempting to steal staff passwords, etc.

An example of the fake email addresses being used are:

  • Simone.Dell.ucd@gmail.com
  • Simone.Dell.ucd@outlook.ie
  • Simone.dell@ucd-edu.com

The following advice will help you identify and avoid phishing scams:

  • Use the Gmail web client and Gmail mobile app instead of clients such as Outlook, native iPhone clients, etc. Gmail includes University specific warning messages when it detects that a staff account is being impersonated or spoofed, such as:

  • Always check the reply to address before replying, verify links in email and never download unexpected attachments.
  •  If suspicious, always verify the sender by contacting them directly using a trusted phone number, such as their contact number in the staff directory. Don’t trust the contact details in the email.
  • Review IT Security Phishing Awareness page to familiarise yourself with this type of attack.
  • Check that your anti-virus software is up to date and active. Sophos Endpoint Protection software for Windows and Mac is available from IT Services software downloads web page.
  • Trust your instincts. If you suspect something is suspicious, it probably is!

To find out more about the different types of cyber threats affecting University and how to avoid them, please book a place on the next IT Security Awareness session.

Finally, if you do receive a malicious email, please mark it as “spam” in Gmail and make your colleagues aware of the incident. Please remain vigilant as this is an active and persistent threat and the attackers are constantly changing email addresses to avoid the University email blacklist.

Should you have any queries on this matter, please contact the IT Helpdesk on ithelpdesk@ucd.ie or 01 716 2700.