Fraudulent emails, spam, and phishing attacks.

Advice about how to spot online fraud and phishing emails and what to do.

ℹ️ Never share your username or password. If anyone asks for them by email, text, or phone, it’s a scam.

⚡Report any security breach or suspected breach on a University device, account, or system to the Helpdesk immediately.

Latest scams to be aware of:

Phishing emails – January 2026

In early January the University was targeted by a series of phishing emails sent to staff and students, falsely claiming that tuition fees were overdue or that email accounts were due to be closed. These messages did not come from the University.  Unfortunately, some individuals provided their university log in via an external website after clicking on a link in these emails. Those compromised accounts were then used to send a large volume of further phishing emails to some university accounts.   
   
As per our standard process, these emails were automatically forwarded to the personal email address in the Student Record system. Students’ personal email addresses were not obtained by the attackers.  

⚠️These emails were NOT issued by the University of Hertfordshire.   If you’ve received one of these phishing emails you should ignore and delete it immediately. Do not click on any links, respond to any given email addresses or make any payments. If you did not click on any links or respond providing enter any further details, your data will remain safe.  If you have responded or clicked on any links in these phishing emails, please see below to find out your next actions. 

The incident was identified and contained quickly. We secured the compromised accounts, removed malicious emails, and put monitoring in place to keep systems safe.  A full investigation is under way, and we have contacted affected students with advice and next steps.

What action should I take?

  • If you have received one of these phishing emails please ignore it and delete it immediately. Do not click on any links, respond to any given email addresses or make any payments.  If you did not click on any links or enter any details, your data will remain safe.
  • If you have responded in any way to these emails, please contact the IT Helpdesk as soon as possible letting them know how you responded, what information has been shared and to whom.  Contect the team:
    • 24/7 phone line: +44 (0)1707 284678, or ext. 4678
    • Email at helpdesk@herts.ac.uk 
  • If you have made payment to the account, please contact your bank straight away to make them aware and change passwords on your accounts. The sooner you report it the quicker any damage can be limited.
  • If you have made a payment to the account, please contact your bank straight away to make them aware and change passwords on your accounts. The sooner you report it the quicker any damage can be limited. Please also let the University’s Student Finance team know at financial-support@herts.ac.uk and advise on amount paid so they can check your student record, support you through next steps, and monitor for any related issues.
  • If you have clicked a link and used your university details to log into an external site , you must  change your password on your university account at https://pss.herts.ac.uk
  • Be vigilant to any further emails. See advice on how to spot a scam email, text, message or call.

ℹ️For further information and FAQs related to this incident please see Phishing Attack FAQs.

Student support

If you have been affected by this scam, it can be distressing alongside the stress of sorting out any impact on your finance.  

Being the victim of a cyber-attack can be distressing and may leave you feeling upset, angry, or anxious — and that’s completely understandable. Please remember that you don’t have to deal with this alone. You can contact our Student Wellbeing team or the student wellbeing 24-hour helpline for free, confidential help and advice.  

Fraudulent emails, texts, calls, and messages 

Email security at Herts 

Using technology to protect your devices and user accounts 

Reporting scams and accessing support

Top of page 

Fraudulent emails, texts, calls, and messages

Think you got a scam email or message? Here’s what to do

  • do not click on any links or attachments
  • do not reply, especially be wary of an 'unsubscribe' link
  • if you do reply, then the spammers know that your address is valid and you will receive more spam
  • delete the email, text, or message from your inbox

If you have inadvertently responded to a fraudulent message with your University account details, you must immediately contact the Helpdesk:
Telephone +44 (0)1707 284678 or ext 4678. (available 24/7)
Email: helpdesk@herts.ac.uk (Monday to Friday 08:00 to 17:00)

If we notice anything suspicious with your university account, we will promptly reset your password to protect your account.  If you do not have Multi-factor Authentication (MFA) enabled, your account will be disabled. You will need to contact our helpdesk to reinstate your account.

Remember, you can change your password anytime by going to pss.herts.ac.uk

Top of page

How to spot a scam email, text, message or call

Phishing emails are designed to trick you into acting quickly.  They can be convincing and hard to spot, and even the most careful user can be tricked. To help protect yourself:

  • Never share your personal, financial or login details with anyone. If you’re unsure, contact the University for advice. Remember, no one at the University will ever ask for your password—if they do, it’s a scam.  
  • Verify the source - take the time to double-check that what you have been sent is legitimate. Always check official websites and email addresses before responding to any requests for information or payments.  Emails about account issues, payments and deadlines will only come from official university channels - not from individual accounts, Gmail/Hotmail or other domains such as @herts-ac.live.
  • Be cautious with payments - the University will never provide bank account details for payment by email or on request.  Always make payments to the University for your tuition and accommodation fees using University’s approved payment methods.  For a full list of approved payment methods see ask.herts.ac.uk/make-a-payment
  • Use strong passwords - protect your university and banking accounts with strong, unique passwords and enable two-factor authentication wherever possible.  See our guidance for setting up a strong password: ask.herts.ac.uk/your-password 
  • Take your time before responding to unexpected requests or offers – scammers often create false urgency to provoke panic using language such as ‘missed deadlines’ or ‘outstanding payments’. The university will never pressure you into acting quickly. If you are unsure please contact our Helpdesk (helpdesk@herts.ac.uk) or Ask Herts team https://ask.herts.ac.uk/contact-us for advice.

For more advice and guidance

Top of page 

Email security at Herts

The University uses email security software (Mimecast) to provide you with greater protection against harmful emails and phishing attacks, keep more spam out of your inbox and help prevent data from getting into the wrong hands.

Greater protection against spam and junk email - Mimecast allows you to view and control your held messages providing both greater protection against spam and harmful emails whilst allowing you to stay in control of your email and ensure that genuine messages aren’t missed and are released to your inbox.

Incoming emails are scanned for viruses and spam to prevent harmful emails from being delivered to your University @herts.ac.uk email account.  Any emails identified as potentially harmful or spam will be held and you will receive a daily email from postmaster@herts.ac.uk with the subject ‘You have new held messages’ detailing any held messages with the option to release, permit or block each held email (see image below):

  • Release - delivers the held message to your inbox but will continue to hold future messages from the same sender
  • Permit - delivers the held message to your inbox and marks future messages from this sender as safe
  • Block – removes the message, adds the sender to your personal block list, and prevents any further emails from that address reaching your mailbox.


 

ℹ️ Please note that held messages will be deleted after 14 days if not released.

You can also log in to the Mimecast personal portal at  https://go.herts.ac.uk/email-security-portal to view your held emails and release them if necessary. Login with your UH username username@herts.ac.uk and password.  For more information see Mimecast's guide for managing held messages via the personal portal.

Image of login screen for Mimecast personal portal

Link protection - Mimecast protects the links that you click in emails by redirecting you through their secure servers to determine if a website is harmful. So, you may notice that some web links contained in your emails could display a different url address, which is normal. For example, a link to https://bbc.com would become  https://url.uk.m.mimecastprotect.com/s/munyCwEQYFk4vmzIqrex9?domain=bbc.com.

Attachment protection - Mimecast scans attachments for known threats and harmful content before it is delivered to your inbox. If someone sends you an attachment with harmful content, then the email will be blocked completely. If the sender is legitimate, but the attachment is harmful, the email will be delivered without the attachment included or sometimes you may receive a PDF attachment which is safe to view when you expected a different file format.

Undeliverable emails - if you send an email from your @herts.ac.uk email account that is undeliverable you will now receive a PostMaster email from Mimecast rather than exchange online. This is expected and you do not need to contact the Helpdesk.

If you receive notification messages from Mimecast alerting you to a blocked link, attachment or email.  Please follow the instructions and if you have any questions or if you think an email has been classified as spam by mistake or if a link or attachment has been blocked in error please contact the Helpdesk on 01707 284678 or email at helpdesk@herts.ac.uk.

Top of page

Using technology to protect your devices and user accounts

It is a requirement that your Herts University login account is protected with multi-factor authentication (MFA).
Find out more about MFA on your student login account and how to manage your settings and devices 

Top of page 

Viruses and worms on your PC IT regulations at Herts Herts Digital Talks Staying safe online checklist Multifactor authentication

Contact Us

Helpdesk - Library and Computing Services

Library and Computing Services

Today - Open 24 Hours
Please refer to the LCS Service Status page for updates on service availability. https://status.herts.ac.uk. Online and telephone support is available 08:00 to 18:00 Monday - Friday and 9:00 - 17:00 Saturday - Sunday (Late August - Early May) with telephone support only available outside of these times.
Contact Helpdesk - Library and Computing Services
  1. Home
  2. Search
Search Results Not what you are looking for?