Phishing is the fraudulent process of attempting to acquire sensitive information such as usernames, passwords and bank or credit card details by criminals masquerading as a trustworthy person or organisation in an electronic communication. Phishing attacks are most often launched by email, although some have been seen using other methods such as mobile phone text messages.

OUCS is particularly concerned about phishing attempts to gather usernames and passwords for University services, which have been an increasingly common target since late 2008. Many people have been tricked by these scams and in some cases, University accounts have been abused by attackers. Such account abuse may cause considerable inconvenience and/or damage to reputation for the account owner, their IT staff, their college and potentially for the University as a whole.

It is vital that OUCS is warned of any phishing attempts against University services as quickly as possible so that OUCS staff can act swiftly to limit the potential for abuse. We strongly encourage you report such attempts to us at phishing@it.ox.ac.uk; please see below for details.

Sections in this document: