Phishing emails

Phishing emails are designed to trick you into giving your personal or financial information to a hacker.

What to do if you think an email is a phishing email

  1. Don't click on links
  2. Don't open any attachments
  3. If you are confident that it is a phishing email, just delete it
  4. If you aren't sure, contact the IT Support Centre on 9514 2222

Report phishing emails
If you receive an email and you are unsure if it is phishing, please report it by sending it as an attachment to spam@uts.edu.au or contacting the IT Support Centre on 9514 2222 immediately.

*Hint* drag the suspicious email into the body of a new email and it will automatically become an attachment.

Phishing techniques

These are some of the phishing techniques regularly used: 

  • Using a fake sender address in an email to look like a reputable source and request sensitive information – this can include emails that appear to be from UTS, so always double check

    An example of a phishing email
  • Embedding a link in an email that redirects you to a website where you're asked to give sensitive information
  • Installing a Trojan (aka virus) via an email attachment or ad, which allows the attacker to get sensitive information from your device
  • Attempting to get company information over the phone by impersonating a known company vendor or IT department

Ways to identify a phishing email

Questions you can ask yourself to identify a phishing email:

  • Is the email trying to make you do something urgently with the possibility of a fee, or does it try to create a sense of fear?

    Screenshot of inbox with phishing email
  • Does the email come from an organisation you would expect to receive email from?
  • Are there links in the email? If you hover over the link, does the URL represent a website for a site you'd associate with a legitimate sender?
  • Does the email mention you by name or does it use a generic greeting?
  • Does the email contain obvious spelling, grammar or currency mistakes? Emails from a reputable source are (usually) thoroughly checked for such errors.
  • Does the email ask you to provide information that the sender should already know?
  • Are any attachments in an unexpected format?
  • Is the email offering something that is too good to be true? (How likely is it that you really won the lottery?)

Phishing doesn't just happen in emails

It's not just emails you need to be careful with! Phishing messages can come as SMS messages on your phone, chat messages on services like Facebook, Skype, WhatsApp or postings on forums, Facebook, Instagram and more.

Always be sure before clicking on links or handing over information. 

Acknowledgement of Country

UTS acknowledges the Gadigal people of the Eora Nation, the Boorooberongal people of the Dharug Nation, the Bidiagal people and the Gamaygal people, upon whose ancestral lands our university stands. We would also like to pay respect to the Elders both past and present, acknowledging them as the traditional custodians of knowledge for these lands.