skip to content

IT Help and Support

University Information Services

New students are often targeted with various scams. Here are a few that have happened in recent years. Names have been changed to protect the innocent.

The freshers' friend

Molly, Julia, Owen and Kim are just a few of the 3,500 students who made their offer and started at Cambridge University this year. They were really excited and told all their friends. But they didn't realise that a scammer was watching and waiting for them online.

This type of targeted scam has been used against University students all over the UK. It uses social engineering techniques to identify potential victims and contact them through social media channels before they arrive at University. Once in touch, the scammer goes to great efforts to gain their victims' trust. In reality they are running a confidence trick – befriending people, then stealing money for fake events as well as harvesting bank account and credit card details for use in future financial frauds.

To protect yourself from scams like this, review the security and visibility settings on your social media accounts to make sure that only the people you want to share information with can see your profile, contact details and postings. You can verify that events organised by the University, your College and Cambridge University Student's Union (CUSU) are legitimate by checking the details on their websites or through official channels. Most JCRS have a Freshers' Committee that organises student-led social events to welcome new students to Cambridge and an 'Ents Officer' who organises College-based social events throughout the year. There will also be a programme of more-formal welcome/orientation events during your first few days in Cambridge organised by your College and your Department. Colleges and Departments all have official mailing lists for students and you will normally be notified about events through these.


The student loan scam

Each year scammers target new students, who arrive at University with large amounts of money in their bank accounts for their course and living expenses. One very predictable scam comes in the shape of spearphishing emails claiming to come from the Student Loans Company.

These usually encourage students to provide their password and financial details to ensure that their student loans arrive on time. They may use the Student Loans Company branding and may resemble official communications from the SLC. However, the SLC would never request this information from you in a direct email.

Learn more about phishing.


The money mule

Fran wanted to earn some extra cash to help with term-time expenses and to build up some savings for her Summer travel plans. She found a part-time job she could do in the evenings that looked as if it wouldn't get in the way of her University studies.

Fran was asked to route payments through her personal bank account and deduct her commission before passing on the balance to the scammer. A legitimate business will not ask you to do this. Fran unwittingly became a 'money mule', laundering money through her account for the scammer. This is a serious crime that carries heavy penalties in English law. This really happened to some students at British Universities.

Cambridge University prohibits resident students from undertaking paid work during term, but some people look for temporary or part-time work to help cover extra expenses despite this. If you experience financial problems, it is best to discuss these first with your College Tutor. There are often College top-up funds, hardship and travel grants available to help students.

You need to be vigilant when dealing with people and websites online. Many people have been tricked by various scams that are prevalent today and which target students.

Staying safe online means that you need to put a few obstacles in place to lock down your devices to keep hackers, stalkers and spammers out of your bank accounts and to develop a keen sense of what is legitimate and what is not!



Peter had a momentary lapse of concentration that caused him a lot of unecessary aggravation and frustration.

Every year people just like Peter fall victim to scammers who use a type of malware called ransomware to encrypt computers, making files inaccessible. Their aim is to disrupt lives and businesses, and to obtain money by blackmail. They may offer to let you regain access to your files if you pay a ransom, but then might not even hold up their end of the deal. Both staff and students have fallen victim to this type of scam.

Ransomware is just one type of malicious software that spreads widely across the internet. Malware often arrives innocuously as an attachment to an email or bundled within a 'free download' from a website. The scammers will try to get you to open the file, causing the malicious program to activate.

Your best defence is to have an up-to-date anti-virus solution installed and active, and to be careful about which attachments you open or files you download. UIS offers free anti-virus software for all staff and students.

Phone padded  Service status line: (01223 7)67999
Website  Sign up for SMS/email status alerts
Website  Read major IT incident reports

UIS bITe-size bulletin

A regular newsletter aimed at the University's IT community, highlighting service and project news from UIS.

Sign up >

Latest news

Your University GoogleDrive: 20GB quota limit from December 2022

19 January 2022

Google is replacing its G Suite for Education model licensing model in October 2022. As a result, there will be a new limit of 20GB on personal GoogleDrive spaces provided with G Suite@Cambridge accounts. If your GoogleDrive usage exceeds 20GB after 1 December 2022, your University account GoogleDrive will become read-only until your usage is brought below 20GB.

Moodle offline for upgrade during 06:00–12:00 on Tuesday 11 January

10 January 2022

Moodle will be unavailable from 06:00 to 12:00 on Tuesday 11 January while we upgrade it to version 3.9. During the upgrade, you won’t be able to view or upload sessions on Panopto because access is managed via your Moodle login. Assessment Moodle, ICE Moodle and Clinical School Moodle users will be unaffected. An outline...

HEAT authentication method changing to Azure on 13 January

7 January 2022

We're changing the authentication method for the IT service management system, HEAT, to Microsoft Azure on Thursday 13 January 2022. What is changing? You should continue to use the same URL for accessing HEAT: However, the 'Sign in' screen you'll be directed to will look slightly different,...