People are now the first line of defence against threats

Cyber criminals are increasingly exploiting human behaviour with phishing and other ‘social engineering’ methods. Whilst Griffith has controls in place to help detect and mitigate security incidents, the first line of defence is each of us. The best defence is you.

What are the common types of scams?

Scams come in many different forms including email (phishing), phone call (vishing), text and instant message (smishing). Higher education is particularly vulnerable to phishing attacks due to the high number of end-users and a heavy reliance on email as a communication method. Cyber criminals are generally trying to get sensitive information from you, or scam you for money, by trying to get you to click on a link or download something. You can avoid becoming a victim by remembering the three red flags that are consistent across all forms of scams.

Watch this short video to find out more about social engineering techniques that attackers use.

Three red flags of a scam

Authority

Do communications come from a seemingly authoritative figure?

Urgency

Is the person instilling a sense of urgency to take action?

Dire consequences

Is the person threatening dire consequences or trying to cause fear?

Be on the lookout for these other indicators

  1. Asking you to confirm or disclose your account details. Griffith University will never ask you for your password.
  2. Web or email address is not quite right e.g
    • jane@gmail.com instead of jane@griffith.edu.au
    • john@appl.com instead of john@apple.com
    • griffithu.org instead of griffith.edu.au
    • Web addresses can be checked by hovering over weblinks in emails. Look for the domain at the end after 'domain=' this is where the link will take you
  3. Spelling mistakes and poor grammar in the email
  4. Generic salutations such as 'Dear user', 'Dear valued customer' instead of using your name
  5. Seemingly work related emails sent outside of the usual business hours
  6. Reply address does not go to the expected Sender

    Note: From addresses are easily spoofed/faked but Reply addresses can't be.

Protect yourself from phishing and other scams

Don't disclose sensitive information via email

Be cautious of clicking on unexpected links or attachments

Verify requests through a separate communication channel

Keep your Griffith password unique and use it only at Griffith

Ensure your software and devices are up to date

Think you've spotted a scam?

Need help?

General enquiries

Access the Service Catalogue to see the full list of cyber security services available.

Or you can ask our friendly staff about IT products and services. Contact us by phone, email or chat.

IT support chat

IT support form

Service Catalogue

(07) 3735 5555 Brisbane

(07) 5552 5555 Gold Coast

Common questions