Phishing and how not to get caught

By Euan Henderson

Cyber Security Apprentice

Phishing Attacks could fool anyone, especially when targeted at groups who are expecting an important email about funds around this time of year.

The Student Loans Company (SLC) has issued a warning about phishing campaigns that happen each September, January and April.

In the last two years, it has stopped £500,000 in attempted thefts from students.

We have compiled a list of tips to deal with these attacks recommended by SLC and the National Cyber Security Centre (NCSC).

  • Be suspicious of any requests for personal and/or financial information, SLC will not ask people to confirm their bank details or login information by email or text.
  • Suspect emails are often generic and will start with something like ‘Dear Student’
  • There are likely to be spelling mistakes. Always check punctuation, spelling and grammar, as these are common signs of a phishing email sent out in bulk along with threats of account closure to prompt action
  • Always check the email address is unlikely to be genuine.
  • If you do receive an email from the bank or any other company and want to check that it is legitimate, get in contact using the number on their legitimate website
  • Always enable two-factor authentication if available. This should mean that even if you give away your password, your account will still be safe.
  • If you have given away a password to an account, immediately login and change the password


For more information, visit the following links: