Cambridge University students targeted in password-stealing scam
Students in the English Faculty lost access to their email accounts and all content associated with them
Students at the University of Cambridge are being targeted by a phishing email which steals their University login details.
The scam spreads in the form of Dropbox emails, described as “dodgy” in an email from Jennifer Pollard, computer officer at the English Faculty.
She warned: “If you HAVE received one and you clicked on the link and got something other than ‘file not found’, the advice is to ‘change your password as soon as possible’”.
She also suggested contacting the University Information Services (UIS).
In the scam, a legitimate looking email is sent from a Cambridge student’s email address, stating that the student had “invited” the receiver to “view the file University of Cambridge #55667.pdf on Dropbox.”
Once a student clicks the link they are prompted to login to Raven, the student authentication service, which gives the hackers their email login details as well as access to the student’s academic details, including exam enrolment, timetable, and courses.
Students who open the link are unable to open the file and then lose access to their email and all Cambridge University content associated with it. This prevents students from using Cambridge to access research papers and resources.
A student at Peterhouse who was attempting to recover her account said: “It’s very frustrating. There was a very quick response from the UIS to initiate the process, but I’m waiting on my password to be actually changed.”
She had to ask a friend to forward the seminar reading for this week due to the disruption.
“It was really good that the English Faculty emailed students so quickly, but it wasn’t very useful as I couldn’t actually get into my email account,” she continued.
Another student explained how they were “so close to clicking it - I’m glad I didn’t,” adding: “I could’ve exposed my computer to so many viruses; I’m really thankful I didn’t click on it.”
This recent scam comes after Cambridge students have been subject to multiple online attacks this year. In July, international students were targeted by scammers offering a discount on next year’s tuition fees in exchange for an upfront payment, while fake Ticketbridge accounts preyed on demand for May Week events.
At the start of this year, phishing emails claiming to be from department heads tricked multiple staff members into making expensive purchases. Staff and PhD students were reimbursed by their faculties after buying vouchers worth up to £500.
The University’s medical school was also hit by a cyberattack in February this year, leaving hundreds of researchers unable to access computers due to “malicious activity”. This followed the University Library’s electronic legal deposit systems being due to a “major technology outage”.
The UL’s systems, which consisted of over ten million journal articles and nearly 800,000 books, maps, journals, and music scores, are still in the process of being restored in a process that could take “several months”.
The University of Cambridge was contacted for comment.
- Features / The case of the neglectful college parent3 December 2024
- News / Trinity referred to UN over ‘aiding and abetting international crimes against Palestinians’ 5 December 2024
- Comment / What they don’t teach you at Cambridge: how to get a job29 November 2024
- Theatre / Snow White is rotten right to the core29 November 2024
- Features / In search of togetherness: Cambridge’s international students1 December 2024