Beware of COVID-19 phishing
Scammers regularly seek to capitalise on topical issues to trap people into responding to fake emails, text messages and ads.
This includes COVID-related items purporting to be from HR, others promoting masks, hand sanitiser or bogus treatments, and other messages linking in with topical news that may spur people into action. With Zoom increasingly used across many organisations, some have seen phishing scams using a fake Zoom login webpage.
ITDS at the University of Adelaide has taken steps since early on to block COVID-related phishing emails, and estimates that over 900,000 COVID-related emails were received at the University over March-April – many genuine, but also plenty that were not.
While the University uses email for a number of important staff updates, there are some simple steps you can take to ensure that an email is legitimate, and if in doubt, don’t click! Check with the area or person that the email purports to be from whether it is a legitimate communication. University of Adelaide emails should have the domain adelaide.edu.au.
Key things to look out for include:
- Does the sender address look suspicious?
- Does the sender address you personally?
- Are you being asked to send personal information, follow links, or open attachments to fulfil a request?
- Does the email provide contact details?
If you receive an email that you think is phishing, help us to protect the University and your colleagues by reporting it:
- use the PhishAlarm reporting button on your University Windows computer, or
- forward the email as an attachment to bad@mailguard.adelaide.edu.au
The best line of defence against phishing and scams is, as users of technology, knowing what to look for and not falling into scammers’ lures. If you’d like to polish up your skills of discernment, you can always dip in to ITDS’s cyber security staff training. It is mandatory for all staff as part of induction, but can be helpful as a refresher at any time.