Navigate Up
Sign In
Skip Navigation LinksHome > News > Phising Scam Emails in circulation


 Content Editor

The blocks our Systems Team have put in place have proven effective and are stopping the spread of these phishing emails. Despite this, please stay vigilant – this attacker is known to change the contents of the phishing emails in an attempt to bypass blocks. Remember:


  • Don’t click links or coloured buttons in emails that resemble the examples we included in earlier announcements.
  • Be generally suspicious of clicking unsolicited links in emails, whoever they’re from.

If you have clicked the coloured button in an email, please contact the IT service desk . As always, they are available on extension 2222, or externally on 0300 111 4895 or via e-mail

If you have received such emails but have not clicked the button, just delete them. You do not have to report these to the IT Service desk – only let us know if you have clicked the button.

If we suspect that you may have clicked a link and your email account has become compromised, then as a precaution we will put a temporary block on your account until we are able to resolve the issue. If you believe this may have happened, contact the IT Service desk, as described above, for help.

Identifying the phishing emails:

These phishing emails try to get you to click on a coloured button that links to a web page that tries to steal your email password. If it is successful, it uses your email account to send more copies of itself.

 The phishing emails:

  • Come from a valid email address of someone you have exchanged email with.
  • Contain a Red, Green, or Blue button saying something like “Display message content” or “Display trusted message body” or “Open message”.
  • Use a subject line based on existing mails you have exchanged.

See these examples:


The exact format and wording of the mail varies; as a general rule you should never click on unsolicited links in email.

If you have any questions or concerns about this urgent work, please contact the IT Service Desk on extension 2222, or externally on 0300 111 4895 or e-mail

Graham Hill

Information Security Manager (IT Services)