Malicious email containing red button

Click here to show/hide earlier details

UPDATE: 14 Mar 2019 - 9:55am

Staff and students at Sussex are still receiving messages from the clever, malicious email campaign that’s targeting the University.

You can spot these messages by looking for:

  • No actual content in the email itself
  • A red or green button that you need to click to “view the message” or “display message content”
  • A fake due-date (for example “open before Friday”)
  • The sender will generally not be a genuine @sussex.ac.uk address.
    However, some people have now given away their login details by following the link and typing their password into a fake website.  As a result, some Sussex accounts are being used to send these phishing emails.

The subject line will often mention something related to your work or studies.  Please be vigilant for more of these attacks and please help us raise awareness with students and staff.

Please reset your password IMMEDIATELY if you think you may have given away your login details.  Changing your password regularly is good security practice.

Staff in ITS are actively monitoring the situation and blocking websites used by the criminals.

Stay safe online - visit the ITS website and read our Top 10 Tips for online security.

Subscribe to our latest news mailing list to receive email alerts of updates.