News

Email security guide


2 July 2010

Do you know how protect your inbox or guard your computer from malicious software? It's easy to protect yourself from online security threats if you know what to look for.

Practicing vigilance when using email and visiting external websites means you can work with the confidence that your information is secure. Below are five tell-tale signs for "phishing" emails which are fraudulent emails designed to solicit your personal information and use these to impersonate you, hack into your account or corrupt your computer:

  1. It is sent from an email or company you do not recognise or normally liaise with: open these with caution and make sure you can confidently verify the sender is legitimate (ie from a company or person you trust) before responding to or clicking any links in the email.
  2. The email requests that you reply and provide some personal information (such as logins, passwords, or your account numbers): never respond to an email that has requested personal information.
  3. The email asks that you visit a page with an unusual or unrecognisable address or URL: malicious sites that load your computer with spam normally contain URLs with a random set of characters or use numbers and symbols to recreate a familiar looking site (eg b1gp0nd.com.au or sydn3y.org.au).
  4. If you click a link in the website it asks that you submit your personal information in a form: do not submit your personal information unless you are confident that the owner is legitimate (ie a company can authenticate and trust) and you have read and accepted any terms and conditions.
  5. The images or branding contained in the email or webpage appear to be fake: phishing attackers usually try to replicate logos or style sheets, but if the images, colours or symbols appear to be incorrect or distorted you should close your browser immediately and contact the ICT Helpdesk to notify them of the phishing attack.

Good habits to practice:

  1. Lock your computer if you are leaving your desk (for Windows computers you can do this by pressing Alt+Ctrl+Del and clicking "Lock computer"). This will prevent people accessing anything on your computer when you are not present.
  2. Make sure you log out of any secure systems if you are using a public computer or internet browser.
  3. Only distribute your email address to people you know.
  4. Avoid using your University email to sign up for distribution lists that are not related to your work.
  5. Change your password on a regular basis. If you receive a phishing email in your University email inbox, or if you have already responded to a fraudulent email, reset your UniKey password immediately and contact the ICT Helpdesk on 9351 6000.