Skip to main content

Keeping your information safe

Email scams (phishing)

The University is regularly targeted by email scammers (phishing) attempting to manipulate students and staff into providing confidential information.

We have established strong security controls to help protect you from receiving these types of fraudulent emails, but you may still be at risk.

Phishing email techniques

The following techniques are often used in phishing emails.

  • Urgency – this technique attempts to gather a user’s credentials or other confidential information by presenting a financial opportunity that they must act on quickly.
  • Threat – messages will try to manipulate a recipient to resolve a bogus situation. These include blackmail or a financial penalty that will increase if the recipient does not respond, or that the recipient’s credentials have already been compromised.
  • Curiosity – these fraudulent emails are crafted to attract attention and curiosity with a small amount of information and try and entice the recipient to click on a link to gather more information.
  • Familiarity – messages will be designed to look like a large reliable brand or appear to come from a trusted source.

Examples of this may be where a sender:

  • masquerades as government correspondence
  • claims to be from your bank, asking for account information
  • urgently prompts you to provide information or take unusual action
  • offers extraordinary but unrealistic rewards
  • uses publicly known personal and professional relationships.

How to recognise a phishing email

  • Look carefully at the sender’s email address to make sure it is legitimate (is the organisation name correctly spelt or different in some way?).
  • Scammers try to grab your attention by crafting a message that looks official, important or urgent and take advantage of your anxiety, concern or your willingness to help.
  • Scam emails are designed to look genuine, and often directly copy the format used by the organisation the scammer is pretending to represent. This includes their branding, corporate stationery and logo.
  • Never click on a link or attachment in an email unless you are sure that the URL is correct, or the attachment is safe. Scammers use this technique to trick you into:
    • clicking a link that takes you to a fake website
    • opening an attachment infected with malware that could infect your computer.

What to do if you receive a suspicious email

If you’re not sure whether an email is real or fake, you should contact the ICT Service Desk on 1800 SYD UNI (1800 793 864) or +61 2 8627 1444 (option 3 for ICT) or email

ICT Service Desk

Submit an online help form

Opening hours
7am to 9pm Monday to Friday
Last updated: 26 September 2019

Website feedback

Tell us if you’ve spotted a typo or something else wrong with this page.

Thank you

Your feedback has been sent.

Sorry there was a problem sending your feedback. Please try again

You should only use this form to send feedback about the content on this webpage – we will not respond to other enquiries made through this form. If you have an enquiry or need help with something else such as your enrolment, course etc you can contact the Student Centre.