See Email Security and How IT Works for more information and examples of phishing, but if you believe you are a victim there are some things you can do now.
If the phishing email arrived into your university email account - contact the IT Service Desk to explain what has happened. They will be able to advise on the next steps you need to take, including the resetting of passwords and checking any potentially compromised systems.
You will also need to follow the instructions for "I have received strange emails from other UoC users" (above).
If during the phishing attack you were directed to login to a website, then you will need to change the password for that site and contact the service provider.
If the phishing email arrived into your personal email account - contact the service provider and they will be able to advise on the next steps you need to take, including the resetting of passwords.
If during the phishing attack you were directed to login to a website, then you will need to change the password for that site and contact that service provider.
If the phishing attack happened when using a university device (laptop / Surface / PC / Mac / smartphone) - switch off the device and contact the IT Service Desk on 01228 888888 or or via the IT Service Desk Web Portal.
If the phishing attack happened when using a personal device - disconnect the device from any network (wired or wi-fi) and run your antivirus software. If you do not currently have any antivirus software, then begin by downloading, installing and running MalewareBytes - the free version is OK for now and it should pick up most issues that malware can cause to your device.
If you are not confident in fixing issues yourself - seek professional advice.
University or Personal Accounts and Passwords
If your think that that your university or personal accounts have been compromised, or that you may have entered your password in a fake site - follow the advice given above in "You think someone else knows your password".