Phishing is when cyber criminals email, text or phone you with the goal of tricking you into sharing sensitive information or data (such as usernames, passwords, credit card details).
In email and text communication, it can involve asking you to click on a link that will download malware or a virus onto your device if opened. Be aware of the following:
- Anyone asking for your password or asking you to click on a link and enter your password. USQ and other reputable organisations (e.g. Banks, Tax Office, Centrelink) will never ask you to disclose your password. If you think the message is legitimate, avoid clicking on the link within the message. Navigate to the website and sign in from there.
- Spelling mistakes. Emails with spelling errors are a common indicator of a phishing attack. If you are unsure, contact the company directly.
- Generic greetings. Be careful of messages beginning with a generic greeting like ‘Dear Customer’. Legitimate emails are likely to use your name which the company will have on record.
- Email addresses that don’t look right. Any emails sent from USQ will end with XXX@usq.edu.au. Be careful of email addresses that are similar, but not the same e.g. firstname.lastname@example.org etc.
Protect yourself by looking out for suspicious emails, texts and phone calls. If you are ever unsure, check with the ICT Service Desk.