The University is regularly targeted by email scammers attempting to manipulate students and staff into providing confidential information.

We have established strong security controls to help protect you from receiving these types of fraudulent emails, but you may still be at risk.

Email protection at the University

Email is the University’s primary tool to send important messages to you as a student. It is also the most targeted communication channel for cyber threats and other malicious email attacks.

To help protect your email account from a wide variety of these attacks, the University uses Mimecast, which scans all email links and URLs before allowing access to the link/URL. If an email is found to contain potential junk, spam content or malicious attachments, it isn't delivered directly to your email account. Instead, the email is held in a quarantine area.

If any emails have been quarantined, you will receive a daily email notification titled ‘Blocked Spam Notification’ to review the quarantine list, and decide whether to block, release or permit these emails. You can also review your list of quarantined emails at any time.

Mimecast will also scan file attachments and block any attachments deemed malicious. If an attachment is found to be malicious, it will be replaced with a Mimecast email message or completely blocked.

Phishing emails

A phishing email is a cyber security attack that is intended to trick you into providing information or taking an action for malicious use.

Phishing emails are meant to be highly convincing and typically use different techniques to wrongfully gain your trust – for example by creating a sense of urgency, threat, curiosity or familiarity.

It's important that you recognise the traits of an attack and how you can prevent or respond to it.

Is it a phishing email?

Here are some tips to check that an email is legitimate and trustworthy.

• Look carefully at the sender’s email address to make sure it is legitimate. Is the organisation name correctly spelt or different in some way?
• Take a moment to verify the details since scam emails are designed to look genuine to gain your trust. They often directly copy the format used by the organisation the scammer is pretending to represent, including their branding, corporate stationery and logo.
• Pause before reacting and check the facts, for example on the organisation's official website, especially if the email prompts you to take action to prevent a consequence. Scammers try to grab your attention by crafting a message that looks official, important or urgent to take advantage of your anxiety, concern or your willingness to help. 
• Never click on a link or attachment in an email unless you are sure that the URL is correct, or the attachment is safe. Scammers use this technique to trick you into:
  • clicking a link that takes you to a fake website
  • opening an attachment infected with malware that could infect your computer.

Reporting a suspicious email

If you’re not sure whether an email is real or fake, you can report it through the ‘Report Message’ in Outlook. You can also contact the ICT Service Desk.