Home » Topics » Cybersecurity » Newcastle university students scammed into fake course payment

Newcastle university students scammed into fake course payment

Avatar photoby Nick Ismail

Newcastle University students have been scammed into handing over details and making payments for fake courses. The University has issued a formal warning to students, as the site is harvesting information such as passport numbers, as well as taking payments.

Tweet from the university’s twitter handle
Tweet from the university’s twitter handle

 

Azeem Aleem, Director – Advanced Cyber Defence Practice EMEA at RSA Security has offered some advice to potential victims and companies that fall victim to such attacks.

“Make no mistake, this is an effective scam. They’ve put in the time and effort to create a remarkably realistic website. It is well designed, well executed, and it highlights the very real danger of modern spoofing attacks. Even more worrying, they are using this spoofed site to harvest everything from credit card info, passport details, and date of birth; all the personal information that you wouldn’t want to fall into the wrong hands. They have also been careful about targeting, focusing on overseas students who may not have the local knowledge to spot the difference between this site and Newcastle University’s official site.”

>See also: Major UK banks targeted by social media phishing scam

“Newcastle University’s response has been admirable, quickly identifying and warning prospects about the site. Yet it is often very hard for a company or organisation to know if their site has been spoofed until someone has already become a victim. This is why the public need to have greater awareness of the issue of spoofing and take care to protect themselves online. Our advice would be: firstly, avoid clicking on links to websites from emails, if it is from an unknown source. Instead, search for the website using an engine. Secondly, always be sure to check the URL of a site that you are visiting to make sure that the it is correct – often with spoofed sites there will be a few letters in the wrong place that will give clues that it is not official, the devil is in the detail. Thirdly, check the address bar to ensure you are visiting a secure site and there are no warnings – if you look at this site, for example, there is actually a warning that says it is unsecure. Lastly, if you have any doubts, then see if there is a phone number where you can call and get validation before sharing any personal information.”

 

The UK’s largest conference for tech leadershipTech Leaders Summit, returns on 14 September with 40+ top execs signed up to speak about the challenges and opportunities surrounding the most disruptive innovations facing the enterprise today. Secure your place at this prestigious summit by registering here

Avatar photo

Nick Ismail

Nick Ismail is a former editor for Information Age (from 2018 to 2022) before moving on to become Global Head of Brand Journalism at HCLTech. He has a particular interest in smart technologies, AI and...

Related Topics

Cyber Security

Related Stories

Cybersecurity

How AI will shift the security landscape in 2024

The impact of AI within cybersecurity is expected to grow significantly this year, says Alex Holland, senior malware analyst at HP

AI & Machine Learning

NCSC releases guidelines for secure AI development

New guidance from the National Cyber Security Centre (NCSC) aims to help businesses securely innovate with AI and minimise risks

Cybersecurity

3 cybersecurity compliance challenges and how to address them

Earning those trust seals can strengthen relationships with board members and prospective customers, but it sure isn’t easy.

Cybersecurity

70% of UK firms reported cyber insurance changes in past year

According to research from Databarracks, seven in 10 UK businesses have seen changes to their cyber insurance in the past 12 months, as requirements rise