We’re aware of a phishing email that has been sent to a number of schools. The email appears to be sent from Argest and advises the recipient to review a document that has been shared with them. The link in the email takes the recipient to a forged landing page that is designed to steal login details (usernames and passwords) from the email recipient. Below is a screenshot sample of the phishing email:
To protect your school, advise your users of the following steps:
- Avoid forwarding on the email
- Delete the email immediately
If users at your school have clicked the link, they should also:
- Change their school login password immediately to a completely different password. Just changing a few numbers or letters in the password is not enough to prevent further email compromise.
- If they use the same password for other accounts e.g. Education Sector Logon (ESL), bank accounts, then they should also change those passwords immediately.
- Check their email sent items. If there are emails that they didn’t send, that person’s email might be compromised. In this instance, you should contact your ICT Provider or N4L immediately.
If you can’t identify the exact users who clicked the link in the email, we strongly recommend running a sweep password reset for all users on your network.
 If you have any concerns please reach out to our Helpdesk on 0800 LEARNING, or speak directly to your IT support provider.