Email security

The University receives a huge number of emails every day. Unfortunately, some of these emails are malicious and can cause harm to you and the University.

What is a phishing scam? 

A “phishing” scam is a fraudulent email used by scammers to solicit personal information such as your password or banking details.  

Phishing scams will masquerade as a legitimate business (such as the University) so they appear more convincing. Scammers also regularly seek to capitalise on topical issues to trap people into responding.  

Here are some tips to help you recognise a phishing scam:  

  • Does the sender address look suspicious?

    • All emails from University staff or students end in adelaide.edu.au 

    • Consider whether there is an external email warning.  

    Scammers sometimes use hacked University email addresses to send phishing or spam emails. Avoid clicking on suspicious links in email, even from people you know. 

  • Does the email address you personally?

    • Scammers often distribute spam and phishing emails to a large number of recipients for maximum effect. 

    • Emails sent from legitimate businesses such as the University or your bank will be addressed to you individually. 

  • Are you being asked to send personal information?

    Legitimate businesses, such as the University or your bank, will never request personal information such as your password or credit card number in an email message. 

  • Does the email provide contact details?

    • Scammers often don’t provide contact details for fear of reprisal.  

    • It never hurts to make sure a suspect email is authentic by telephoning the sender before replying or opening any attachments or links. 

How can I thwart email scams? 

Scammers rely on people replying to their scam attempts - it keeps them in business! If no one ever responded, scammers would cease to send out scams. 

Here are some tips to help you thwart email scams:  

  • Stop and think before you click

    Avoid clicking on suspicious links in emails. Scammers often add links to phishing and scam emails in an attempt to trick you into visiting a malicious webpage. Once there, you may be asked to enter your password, or a virus may be (surreptitiously) downloaded onto your computer. 

    Scammers can also attach infected files to their emails in an attempt to infect your machine. 

    Here are some basic tips to help you avoid visiting a malicious website: 

    • Hover your mouse over the link and check the "target" address 

    • Avoid clicking on email links - copy and paste the link into your web browser 

    • Never open a file you are not expecting. If in doubt, call the sender to make sure it was intended. 

    • Check to make sure links and attachments are clean by submitting them to VirusTotal 

    • If you have clicked on a link within an email purporting to be from the University, make sure the website's domain name  ends in adelaide.edu.au 

  • Never share private information such as your password

    Your university password is your online key into the university. Just like your house key it should be carefully guarded. The University of Adelaide will never ask you for your password – even over the telephone. 

  • Never respond to phishing or spam emails

    • By responding to phishing or spam emails you let scammers know that their scam was delivered successfully. Scammers now know your email address is valid and exploit this by sending you more scams. 
    • Never respond to phishing or spam emails. Report any suspicious emails using the reporting suspicious emails advice

How do I report suspicious emails? 

Around 95% of phishing and spam emails are blocked before they get a chance to enter our network. 

To report a suspicious email, please see the appropriate guide for your email client below:

  • Microsoft Outlook
    • Select the email message you wish to submit by clicking on it 
    • With the chosen email selected in the left column, select 'Report Message' in the top right of the ribbon menu 
    • Select 'Phishing' from the dropdown menu
    • Once the 'Report as Phishing' window appears, click the blue 'Report' button
    • The message will be reported as a phishing email and removed from your inbox

    Alternatively, you can forward the email as an attachment to bad@mailguard.adelaide.edu.au

    • Select the email message you wish to submit by clicking on it 
    • With the chosen email selected in the left column, select the ‘More respond actions’ button in the ‘Respond’ ribbon menu. This is located next to the ‘Forward’ button 
    • From this menu select ‘Forward as Attachment’
    • A new email window will appear with the selected phishing email attached.
    • Address the e-mail to bad@mailguard.adelaide.edu.au and click ‘Send’ 
    Report a Phishing email in Outlook

    Report a phishing email via the Report Message button in Outlook

    Report a Phishing email in Outlook as attachment

    Report a phishing email by forwarding the email as an attachment to bad@mailguard.adelaide.edu.au

  • Apple Mail

    Select the e-mail message that you wish to submit. 

    Using your mouse, right click (or Control + left click) on the e-mail message and select ‘Forward as Attachment’. 

    Address the e-mail to bad@mailguard.adelaide.edu.au and click ‘Send’ 

  • Mozilla Thunderbird

    Select the e-mail message you wish to submit. 

    From the ‘Message’ menu, select ‘Forward As’ and then ‘Attachment’. 

    Address the e-mail to bad@mailguard.adelaide.edu.au and click ‘Send’ 

Additional Resources

library

Cyber safety training courses

students sitting in a group