Criminals would love to get their hands on your student loan, your university password, bank account details or our resources. We block most of these phishing emails, but sometimes they slip through the net. Make sure you know how to avoid them.
How to avoid phishing scams
- Many phishing emails will try to get you to reply with a username and password, or ask you to click on a link and submit personal information such as log in details or bank account details. Don't reply and don't click on any links to avoid falling victim. If in doubt, forward the email to firstname.lastname@example.org, then mark the email as spam and delete it.
- Look out for Gmail warnings! If you get an email that looks like it's from a @sheffield.ac.uk email address but actually isn't, Google will flag it as being unauthenticated. If you see this, be wary and look out for signs of phishing. The message on the right below is how it will look, compared to a message from an authenticated sender on the left:
- Be suspicious of any emails that claim to come from Student Finance England. These can be convincing, but real Student Finance emails will never ask you to confirm your log in or bank account details via email.
- Look out for the Gmail warning that will be displayed if you receive a message which includes a link to a website known for phishing, malware or unwanted software. Don't click on any links when you see this warning, it's not worth the risk!
- Hover over links before you click on them to check where they go. The real URL should reveal itself in the bottom left corner of the browser.