Newcastle University site spoofed to steal PII.
Newcastle University site spoofed to steal PII.

Cybercriminals went to extreme lengths to clone the Newcastle University website going as far as to create dozens of sub-pages explaining different programs offered by the university.

While the fraudsters committed a few errors in phony site, those unfamiliar with the actual site, such as foreign exchange students might easily mistake it for real. The hackers incorrectly referred to the school on the phishing site as the "Newcastle International University" instead of as "Newcastle University" in both the URL and throughout the site.

Hackers also used the incorrect coat of arms for the school. Despite the flaws, it is possible that some have been duped into disclosing their information on the phony applications though it's unclear how many and the University has acknowledged the scam. The fake site request payment card data and other personally identifiable information.

"We have been made aware of an unofficial website which is fraudulently using the Newcastle University brand and accepting credit card payments to apply for courses,” the university said to a July 20 tweet.  “The website 'newcastle international university' is in no way affiliated with the University and we are advising anyone who finds the website should not submit any personal details."

The phony website is suspected to have been promoted via spam messages sent to foreign students via email.