Related links
Cyber security
Safeguarding our data and technology
The University of Sydney takes a rigorous, standards-based approach to managing cyber security risks for our staff, students, alumni, affiliates, partners and vendors, and all other organisations and individuals who support our commitment to excellence.
Cyber security is one of the University's highest priorities, and crucial to our core mission – to excel as a world-renowned research and teaching institution.
We have invested in a significant program of activities and safeguards to ensure your data, our data and our information and communications technology (ICT) are safe and secure – whether you are a member of our community or you work or partner with us.
Our standards-based approach to managing cyber security risks is supported by a policy framework and substantial resources. The University is continually improving our cyber control measures, to enhance our ability to rapidly identify and respond to any cyber threat.
A shared responsibility
Technological control measures are vital, but they are not enough. All members of our community have a shared responsibility to protect ourselves and the University against cyber security threats. For example, the University provides mandatory cyber security training to all staff. We urge you to report any suspicious activity or potential cyber security threats, by contacting us.
Cyber security essentials – a one-stop guide
Fake verification prompt that initiates malware
Cybercriminals are using fake CAPTCHAs to trick you into executing malicious code on your device. A legitimate CAPTCHA is a security challenge designed to verify you are human and not an automated bot. This may involve:
- Clicking a checkbox (‘I am not a robot’)
- Selecting images based on a prompt (‘identify all traffic lights’).
Fake CAPTCHAs prompt you to follow additional steps that install and run malware such as the Lumma Stealer and Amadey Trojan on your device. Once executed, the malware can steal passwords, cookies and sensitive data, allowing attackers to access your accounts and bypass security controls. They appear when you access an infected website, ad or popup.
Threat details
A fake CAPTCHA looks like a standard verification prompt, however clicking the ‘I’m not a robot’ button copies a malicious script to the clipboard and displays the following additional instructions:
Press Win + R (this opens the Windows 'Run' dialog box)
Press CTRL + V (this pastes the script from the clipboard into the dialog box)
Press Enter (this runs the script).
Do not follow these instructions. A legitimate CAPTCHA will never ask you to run commands like this.
How to identify and avoid fake CAPTCHAs
Be cautious of suspicious CAPTCHAs and remember:
Legitimate CAPTCHAs are usually found on websites requiring user verification, such as login or account creation pages.
Be cautious of CAPTCHA pages that appear unexpectedly on sites that shouldn’t require them.
Legitimate CAPTCHAs only ask you to verify you’re not a robot or to click on certain images to confirm this. They will never prompt you to copy or run code.
If you have interacted with a malicious CAPTCHA
These steps only apply if you followed the CAPTCHA instructions. Simply seeing the fake CAPTCHA does not install malware.
Disconnect your device from any network/Wi-Fi to prevent further spread.
Change any passwords you may have entered after interacting with the fake CAPTCHA, as these may have been solen. Use a safe uninfected device to do this, such as your mobile phone.
If you use a University-managed device, immediately report it to the Shared Service Centre on +61 2 9351 2000 (follow the prompts for the ICT).
If you use a personal device, run a full antivirus scan and remove the malware. The Australian Cyber Security Centre has useful instructions on how to report and recover from malware. Consider taking your device to a local IT repair store if you're unsure about malware removal.
If you lost money as result of this malware, contact your bank, the local police and IDCARE for further support.
Encountering a suspicious CAPTCHA
If you see a CAPTCHA that looks or behaves unusually:
Do not interact with it.
Close the webpage.
We understand the importance of responding quickly to prevent or defuse any cyber threats before they compromise our data security or ICT security.
If you are a member of the University community (staff, students, alumni etc), or work or partner with us in any capacity (industry partners, affiliates, contractors, government, vendors etc) we strongly encourage you to report any cyber security incidents in a timely manner.
Incidents you should report include:
- suspecting an ICT service, device or account has been compromised
- evidence on vulnerable University ICT services
- unauthorised disclosure of sensitive information or discovering a lost University asset
- observing someone breaching University policy.
Members of the public can contact the Cyber Security Team and staff and students can email ict.support@sydney.edu.au.
The University follows best-practice cyber security standards and has established a clear policy framework and invested substantial resources in its cyber security program. Read our policies on the University’s Policy Register.
The Cyber Security Policy 2019 (pdf, 216KB) defines the responsibilities and principles required within the University to protect the confidentiality, integrity and availability of ICT resources and digital information.
The Acceptable Use of ICT Resources Policy 2019 (pdf, 240KB) applies to all users of the University's ICT resources, and outlines user rights and responsibilities, the conditions of use of University ICT services, and penalties for misuse.
Facts_
8000+
Cyber security training is mandatory for all University staff