This alert is to inform you that Curtin students are being targeted by a phishing email attack, claiming to be from another Curtin student.
If you receive an email that looks like the following, do not click on the link.
How does this affect me?
If you receive a phishing email, and you open an attachment, click on a link, or reply with information, you risk exposing Curtin and yourself to cyber threats. To ensure your personal information remains secure, it is important to take the time to check every email to ensure you, and Curtin, are not impacted by these threats.
Whilst Curtin has best practice security controls in place to protect our environment, phishing emails can still get through via other means (e.g. using stolen account credentials).
If you suspect your account has been compromised, the first thing to do is reset your password from the OASIS login page.
How To Protect Yourself Online
Phishing Emails: what to look for (spot the red flags)
Phishing emails can be tricky to spot; however, there are some red flags you can look out for. The phishing email example below highlights the common red flags.
1. Subject line: Is the subject line irrelevant? Does it match the message content? If the subject is about a purchase you never made or a reply about something you never requested, it is a good indicator of a red flag.
2. From: If you don’t know the sender’s email address, or the email is unexpected or out of character, it is a good sign of a red flag. Pay close attention to the Reply-To address; if that doesn’t match the From address, that’s a red flag.
3. To: If you were included in an email and you don’t know the other people it was sent to, it’s a common red flag.
4. Date: If you receive an email that you would usually get during normal business hours, but it was sent outside of normal business hours, this is a red flag.
5. Attachments: Any attachment you receive that you aren’t expecting, that doesn’t make sense in relation to the rest of the message, or that asks you to enter your username and password before opening is a red flag.
6. Email Content: If the sender is asking you to click on a link or open an attachment, be on alert! Especially if the request is made with a sense of urgency. Being asked to take some action to avoid a negative consequence is a common trick of cyber criminals and is often a red flag.
7. Hyperlinks: Look for misspellings in the link — for example, Arnazon instead of Amazon. Anytime you see a link that contains misspellings to make it look like a real link, that’s a red flag. Hover your mouse over the hyperlink. If the link address is for a different website, this is a BIG red flag.
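Three of the red flags above (2, 4 and 7) can be checked mechanically from a raw message. The following is an added example, not part of the original alert or any Curtin tooling; the sample message, its addresses and URLs, and the 08:00-18:00 weekday business hours are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr, parsedate_to_datetime
from urllib.parse import urlparse

# Constructed sample message for illustration; every address and URL is made up.
SAMPLE = """\
From: "Student Services" <services@university.example>
Reply-To: helpdesk@mail-support.example
To: student@university.example
Subject: Re: Your refund request
Date: Sun, 03 Mar 2024 02:14:00 +0800
Content-Type: text/html; charset="utf-8"

<p>Your account will be suspended today. Confirm at
<a href="http://login.arnazon.example/verify">https://www.amazon.example/account</a></p>
"""

LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def host(url):
    return (urlparse(url).hostname or "").lower()

def red_flags(raw, work_hours=(8, 18)):
    """Return the red flags found in a raw RFC 5322 message string."""
    msg = message_from_string(raw)
    flags = []
    sender = parseaddr(msg.get("From", ""))[1].lower()
    reply_to = parseaddr(msg.get("Reply-To", ""))[1].lower()
    # Flag 2: a Reply-To address that does not match the From address.
    if reply_to and reply_to != sender:
        flags.append("reply-to-mismatch")
    # Flag 4: sent at a weekend or outside work_hours, in the Date header's own time zone.
    sent = parsedate_to_datetime(msg["Date"])
    if sent.weekday() >= 5 or not work_hours[0] <= sent.hour < work_hours[1]:
        flags.append("outside-business-hours")
    # Flag 7: the visible link text is a URL for one site, the href points to another.
    for href, text in LINK_RE.findall(msg.get_payload()):
        shown = text.strip()
        if "://" in shown and host(shown) != host(href):
            flags.append("link-text-mismatch")
    return flags

if __name__ == "__main__":
    print(red_flags(SAMPLE))
```

A flag here is a prompt to look more closely, not a verdict: legitimate mail can set a different Reply-To or arrive out of hours.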