People are now the first line of defence against threats
Cyber criminals are increasingly exploiting human behaviour with phishing and other ‘social engineering’ methods. Whilst Griffith has controls in place to help detect and mitigate security incidents, the first line of defence is each of us. The best defence is you.
What are the common types of scams?
Scams come in many different forms including email (phishing), phone call (vishing), text and instant message (smishing). Higher education is particularly vulnerable to phishing attacks due to the high number of end-users and a heavy reliance on email as a communication method. Cyber criminals are generally trying to get sensitive information from you, or scam you for money, by trying to get you to click on a link or download something. You can avoid becoming a victim by remembering the three red flags that are consistent across all forms of scams.
Watch this short video to find out more about social engineering techniques that attackers use.
Three red flags of a scam
Authority
Do communications come from a seemingly authoritative figure?
Urgency
Is the person instilling a sense of urgency to take action?
Dire consequences
Is the person threatening dire consequences or trying to cause fear?
Be on the lookout for these other indicators
- Asking you to confirm or disclose your account details. Griffith University will never ask you for your password.
- Web or email address is not quite right, e.g.
  - jane@gmail.com instead of jane@griffith.edu.au
  - john@appl.com instead of john@apple.com
  - griffithu.org instead of griffith.edu.au
- Web addresses can be checked by hovering over weblinks in emails. Look for the domain at the end, after 'domain='; this is where the link will take you.
- Spelling mistakes and poor grammar in the email
- Generic salutations such as 'Dear user', 'Dear valued customer' instead of using your name
- Seemingly work-related emails sent outside of the usual business hours
- Reply address does not go to the expected sender
  Note: From addresses are easily spoofed/faked but Reply addresses can't be.
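For staff who triage reported emails, several of the indicators above can be checked automatically. The Python sketch below is an added example, not Griffith's own tooling; the trusted-domain list, the 0.8 similarity threshold, the rewritten-link format and the sample message are assumptions constructed for illustration.

```python
import difflib
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import parse_qs, urlparse

TRUSTED = ("griffith.edu.au", "apple.com")  # assumption: domains the reader expects
GENERIC = ("dear user", "dear valued customer")  # salutations quoted on the page

def domain_of(header):
    return parseaddr(header)[1].rpartition("@")[2].lower()

def lookalike(domain):
    """Return the trusted domain that `domain` imitates, or None."""
    if domain in TRUSTED or domain.endswith(tuple("." + t for t in TRUSTED)):
        return None
    for t in TRUSTED:
        borrows_name = domain.split(".")[0].startswith(t.split(".")[0])
        close = difflib.SequenceMatcher(None, domain, t).ratio() >= 0.8
        if borrows_name or close:
            return t
    return None

def red_flags(raw):
    msg = message_from_string(raw)
    body = msg.get_payload()
    from_dom = domain_of(msg.get("From", ""))
    reply_dom = domain_of(msg.get("Reply-To", "")) or from_dom
    flags = []
    if reply_dom != from_dom:
        flags.append(f"reply goes to {reply_dom}, not {from_dom}")
    for dom in sorted({from_dom, reply_dom}):
        if lookalike(dom):
            flags.append(f"{dom} imitates {lookalike(dom)}")
    if body.lstrip().lower().startswith(GENERIC):
        flags.append("generic salutation")
    for word in body.split():
        if word.startswith(("http://", "https://")):
            url = urlparse(word)
            # Rewritten links carry the real destination after 'domain='.
            target = parse_qs(url.query).get("domain", [url.hostname or ""])[0]
            if lookalike(target.lower()):
                flags.append(f"link leads to {target}")
    return flags

# Constructed sample message (not a real email).
SAMPLE = """From: IT Service Desk <john@griffith.edu.au>
Reply-To: john@griffithu.org

Dear user,
Confirm your details today: https://linkscan.example/v2/url?u=abc&domain=griffithu.org"""
```

Calling red_flags(SAMPLE) reports the reply-address mismatch, the lookalike domain, the generic salutation and the link destination. A name-based heuristic like this can flag legitimate domains, so treat its output as a prompt for a closer look.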
Protect yourself from phishing and other scams
Don't disclose sensitive information via email
Be cautious of clicking on unexpected links or attachments
Verify requests through a separate communication channel
Keep your Griffith password unique and use it only at Griffith
Ensure your software and devices are up to date
Think you've spotted a scam?