Phishing, vishing and smishing

Cyber criminals are increasingly exploiting human behaviour with phishing and other ‘social engineering’ methods. People are now the first line of defence against these threats.

If you see a phishing email, it helps Griffith to stay cyber safe if you report it here.

If you suspect you may be a victim of a phishing email or another scam, please immediately contact the Griffith IT Service Centre for assistance.

Scams come in many different forms including email, phone call, text and instant message scams. Cyber criminals are generally trying to get sensitive information from you or scam you for money usually by trying to get you to click on a link or download something. You can avoid becoming the victim by remembering the three red flags that are consistent across all forms of scams.

Three red flags of a scam

  1. Authority: do communications come from a seemingly authoritative figure?
  2. Urgency: is the person instilling a sense of urgency to take action?
  3. Dire consequences: Is the person threatening dire consequences or trying to cause fear?

Be on the lookout for these other indicators

  1. Asking you to confirm or disclose your account details. Griffith University will never ask you for your password.
  2. Web or email address is not quite right e.g
    • instead of
    • instead of
    • instead of
    • Web addresses can be checked by hovering over weblinks. Look for the domain at the end after 'domain=' this is where the link will take you.
  3. Spelling mistakes and poor grammar in the email
  4. Generic salutations such as 'Dear user', 'Dear valued customer' instead of using your name
  5. Work related emails sent outside of reasonable business hours
  6. Reply address does not go to the expected Sender

    Note: From addresses are easily spoofed/faked but Reply addresses can't be

Protecting yourself against these threats

  1. Ensure you are looking for the above indicators
  2. Don't disclose sensitive information via email
  3. Be cautious of clicking on links or attachments unless they are expected
  4. Verify requests through a second separate communication channel
  5. Keep your Griffith password unique and use it only at Griffith
  6. Always ensure you are running anti-virus software on your device with the latest updates
  7. When in doubt check with the IT Service Centre

Report a security incident

Report a phishing incident, password compromise, ransomware or other suspicious activity.

Need help?

General enquiries

Access the Service Catalogue to see the full list of cyber security services available.

Or you can ask our friendly staff about IT products and services. Contact us by phone, email or chat.

IT support chat

IT support form

Service Catalogue

(07) 3735 5555 Brisbane

(07) 5552 5555 Gold Coast

Common questions