What are phishing emails?
Phishing emails are designed to trick you into disclosing your confidential personal or financial information to a hacker.
What to do if you think an email is a phishing email
- Don't click on anything
- Don't open any attachments
- If you are confident that it is a phishing email, just delete it
- If you aren't sure, contact the IT Support Centre on 9514 2222
If you have received a phishing email or suspect that you have, please report it by sending it as an attachment to firstname.lastname@example.org or contacting the IT Support Centre immediately.
You can drag the suspicious email into the body of a new email and it will automatically become an attachment.
There are various phishing techniques used by attackers
- Embedding a link in an email that redirects you to an unsecure website that requests sensitive information
- Installing a Trojan via a malicious email attachment or ad which will allow the intruder to exploit loopholes and obtain sensitive information
- Spoofing the sender address in an email to appear as a reputable source and request sensitive information
- Attempting to obtain company information over the phone by impersonating a known company vendor or IT department
Ways to identify a phishing email
Questions you can ask yourself to identify a phishing email:
- Is the email trying to make you do something urgently with the possibility of a fee, or does it try to create a sense of fear?
- Does the email come from an organisation you would expect to be doing business with?
- Are there links in the email? If you hover over the link, does the URL represent a website for a site you'd associate with a legitimate sender?
- Does the email mention you by name or does it use a generic salutation?
- Does the email contain obvious spelling or currency mistakes? Emails from a reputable source are (usually) thoroughly checked for such errors.
- Does the email ask you to provide information that the sender should already know?
- Are any attachments in an unexpected format?
- Is the email offering something that is too good to be true? (How likely is it that you really won the lottery?)
Phishing doesn't just happen in emails
It's not just emails you need to be careful with! Phishing messages can come as SMS messages on your phone, chat messages on services like Facebook, Skype, WhatsApp or postings on forums, Facebook, Instagram and more.