Cyber criminals are increasingly exploiting human behaviour with phishing and other ‘social engineering’ methods. People are now the first line of defence against these threats.
If you see a phishing email, it helps Griffith to stay cyber safe if you report it here.
If you suspect you may be a victim of a phishing email or another scam, please immediately contact the Griffith IT Service Centre for assistance.
Scams come in many different forms including email, phone call, text and instant message scams. Cyber criminals are generally trying to get sensitive information from you or scam you for money usually by trying to get you to click on a link or download something. You can avoid becoming the victim by remembering the three red flags that are consistent across all forms of scams.
Three red flags of a scam
- Authority: do communications come from a seemingly authoritative figure?
- Urgency: is the person instilling a sense of urgency to take action?
- Dire consequences: Is the person threatening dire consequences or trying to cause fear?
Be on the lookout for these other indicators
- Asking you to confirm or disclose your account details. Griffith University will never ask you for your password.
- Web or email address is not quite right e.g
- firstname.lastname@example.org instead of email@example.com
- firstname.lastname@example.org instead of email@example.com
- griffithu.org instead of griffith.edu.au
- Web addresses can be checked by hovering over weblinks. Look for the domain at the end after 'domain=' this is where the link will take you.
- Spelling mistakes and poor grammar in the email
- Generic salutations such as 'Dear user', 'Dear valued customer' instead of using your name
- Work related emails sent outside of reasonable business hours
- Reply address does not go to the expected Sender
Note: From addresses are easily spoofed/faked but Reply addresses can't be
Protecting yourself against these threats
- Ensure you are looking for the above indicators
- Don't disclose sensitive information via email
- Be cautious of clicking on links or attachments unless they are expected
- Verify requests through a second separate communication channel
- Keep your Griffith password unique and use it only at Griffith
- Always ensure you are running anti-virus software on your device with the latest updates
- When in doubt check with the IT Service Centre
Cyber Security Alert Service
Stay up-to-date with the latest cyber security news, threats and advisories here.
Alerts, news and advisories
- What is a technical support phone scam?
- Beware of fake COVID-19 emails giving out false facts and spreading misinformation
- Scammers targeting Australians by sending text messages themed around COVID-19
- Scammers are impersonating World Health Organisation in relation to the Coronavirus
- Australia Cyber Security Centre BlueKeep exploitation
- Test your knowledge with Google's phishing quiz
- ANU Data Breach information
- Is your password protected?
Keep your device up-to-date to protect from the latest exploits and vulnerabilities.