Frequent Contributor


What is Phishing?


Phishing comes in many forms, but primarily is a type of online identity theft.


It’s a way of fraudulently obtaining personal information by sending fake emails that look like they come from a trusted source. Typically, phishing emails ask you to click on a link to verify or update your contact details or to provide credit card information. The link takes you to a forged web page where information you submit (such as your password) can be captured and potentially used for malicious purposes.


How emails can be dangerous


Throughout RMIT there have been examples of phishing emails that look like Australia Post parcel notifications, as well as hoax Google and Dropbox file sharing notifications. They attempt to trick you into disclosing your email, phone number and other information relating to your RMIT identity.


Attackers use phishing emails as a way to:


  1. Deliver file attachments that can infect your computer with malware.
  2. Entice you to click on links that take you to websites that will infect your computer with malware just by visiting it.
  3. Trick you into handing over your user credentials so that they can gain access to your network or other sites.


KB - Phishing.png

Attackers also research their targets online and via social media to find information that will make their emails sound more authentic - so it’s important not to overshare information via these channels.

Phishing attacks can be very professional and often target senior managers and their assistants within an organisation due to the level of access they have. In these instances, adhering to procedure is the best form of defence. If you receive an email asking you to bypass the usual protocols, be suspicious.


What to do if you have clicked on the link in the email?


Most phishing emails would attempt to get your credentials such as usernames & passwords.


 - If you not have clicked on the link and not entered any details, you are safe. It is recommended that you report the Phishing email.


 - If you have clicked on the link and entered your details, here is some of the stuff you can do



More tips on IT Security can be found at http://rmit.edu.au/itsecurity