A scammer's work is never done...

Published on 7 July 2016

It appears scammers don’t take a summer break. They are busy thinking of new ways to corrupt, damage and misuse your data.


The new scam on the block is Zepto, a type of ransomware that tempts email recipients to click on attachments that infect drives on their computer.

These emails are very difficult to block as they don’t contain any virus content, the virus is only downloaded once the attachment is opened.

Currently Zepto emails are easy to spot and users at the University have received emails looking like this:

There are a few clues in this email that point to a scam:

  • In the subject line are the words ‘POTENTIALLY MALICIOUS’. This warning is added when a suspicious email is detected. It’s a safe bet that you shouldn’t be even opening the email. 
  • The email appears to have been sent by the recipient, essentially Zepto has spoofed the sender address. 
  • The title of the email is numeric and has no meaning. 
  • When the document is opened the user is asked to enable Micros (don’t do this, don’t even open the document in the first place!)

Student phishing scam

You may also have heard about a scam hitting students at universities across the country. The email purports to have come from the Finance Department of the student’s university and tricks the recipient into clicking on a link contained in the message to provide personal and banking details. Find out more about this scam

Stay safe

We work hard to stay one step ahead of scammers and constantly update our internal systems and processes to respond to threats. There are ways you can avoid falling victim to Zepto and similar scams: 

1. Don't open attachments

Some email scams will have an attachment and ask you to open it. It will almost certainly be a virus. Don’t open attachments if you weren't expecting them, or from someone you don't know - not even if it seems to be from your bank, the government, or a reputable company (e.g. the Royal Mail or Amazon). They rarely send attachments.

2. Don't be tempted to "just click this link"

Scam emails will encourage you to click on a link within the email, taking you to a web page that may look legitimate but is actually used to collect your login credentials or personal information. The link itself often looks genuine in the email but what the link says and where it actually goes to can be entirely different.

In other cases, at first glance the link looks fine but it may have been slightly altered by adding, omitting or transposing letters, e.g. micosoft.com, mircosoft.com

Tip: Move you mouse to hover over the link (without clicking on the link). Look down in the bottom left of the screen and you should see a preview of the real address of the web page that the link will take you to.

3. Never give out personal information

Emails might appear to come from a reputable institution such as HMRC or a bank and they may ask you to reply, or to visit a webpage, to provide some personal information. No legitimate organisation will ask for your personal details by email – and that includes your bank account, PIN, passwords, or contact details.

4. Check for poor grammar or spelling

Scam artists may be cunning but one way to catch them out is by poorly written emails with an unusual use of English. If something is badly phrased, has spelling errors or doesn't make sense, then odds are it is not legitimate.

5. Watch out for 'red flag' phrases

Alarm bells should ring if you see phrases such as:

"verify your account"

"if you don't respond within xx hours your account will be closed"

"you have won the lottery!"

It is a scam. Delete it.

6. And finally, if you are in any doubt - don't do anything

If you aren't sure about what to do then don't do anything – don't open attachments or follow any links, just contact the Service Desk for advice. 

Sign up for CSD announcements or follow us on Twitter @liverpoolcsd for the latest news.

There are also plenty of helpful, practical tips about safe computing on our website.