These messages often appear as legitimate SharePoint or OneDrive file shares, stating that a document has been shared with you.
The file names may reference ‘Loughborough’ to appear genuine. When opened, the document can prompt you to sign in, directing you to a convincing but malicious Microsoft login page.
It is important to remember that a key indicator is the web address you are signing into.
When accessing University services:
- Be cautious of links within shared files, especially if they ask you to sign in or verify access.
- Always check the URL before entering your credentials – it should be a genuine Microsoft or Loughborough sign-in page.
- Our legitimate login pages will display the University-branded background image.
- If the page looks unfamiliar or the web address is unexpected, do not proceed.
Please take extra care when handling these messages:
- Do not open links or files you were not expecting, even if they appear to come from SharePoint or OneDrive.
- Check the sender address carefully, particularly for external domains or unusual formats.
- Be cautious of messages prompting you to sign in to access shared content.
If you are unsure about a message or login page, please report it to IT Services for review.