Skip to main content

Spam & phishing emails

Although the university's email system incorporates advanced security features, it is important to understand that email security features are never guaranteed to detect all malicious or otherwise-undesirable emails; it is therefore vital that email system users remain vigilant when handling incoming emails.

Messages which, as a result of the University email system's security features, are detected as being offensive are either prevented outright from being delivered to the intended recipient, or they may simply have an offensive attachment removed.

Spam email is the electronic equivalent of junk mail. The term refers to unsolicited, and often unwanted material which is at best, annoying and at worst, malicious – causing considerable harm to your computer and yourself.

How to spot Spam


Spam emails may feature some of the following warning signs:

  • You don’t know the sender.
  • Contains misspellings designed to fool spam filters.
  • Makes an offer that seems too good to be true.
  • The subject line and contents do not match.
  • Contains an urgent offer end date (for example “Buy now and get 50% off”).
  • Contains a request to forward an email to multiple people, and may offer money for doing so.
  • Contains a virus warning.
  • Contains attachments, which could include .exe files.

Phishing is a scam where criminals typically send emails to thousands of people. These emails pretend to come from banks, credit card companies, online shops and auction sites as well as other trusted organisations. They usually try to trick you into going to the site, for example to update your password to avoid your account being suspended. The embedded link in the email itself goes to a website that looks exactly like the real thing but is actually a fake designed to trick victims into entering personal information.

How to spot a Phishing email


The email itself can also look as if it comes from a genuine source. Fake emails sometimes display some of the following characteristics, but as fraudsters become smarter and use new technology, the emails may have none of these characteristics. They may even contain your name and address.

  • The sender’s email address may be different from the trusted organisation’s website address.
  • The email may be sent from a completely different address or a free webmail address.
  • The email may not use your proper name, but a non-specific greeting such as “Dear customer.”
  • A sense of urgency; for example the threat that unless you act immediately your account may be closed.
  • A prominent website link. These can be forged or seem very similar to the proper address, but even a single character’s difference means a different website.
  • A request for personal information such as username, password or bank details.
  • You weren't expecting to get an email from the organisation that appears to have sent it.
  • The entire text of the email may be contained within an image rather than the usual text format. The image contains an embedded link to a bogus site

Get Safe Online - Phishing Scam from Get Safe Online on Vimeo.

Knowing how to avoid scams, spam and phishing is a critical life skill. Fortunately, simple safety measures will help you dodge the risks.

  • Slow down, spammers want you to act first and think later. If the message conveys a sense of urgency, or uses high-pressure sales tactics be skeptical; never let their urgency influence your careful review.
  • Do not open emails which you suspect as being scams.
  • Do not open attachments from unknown sources.
  • Do not readily click on links in emails from unknown sources. Instead, roll your mouse pointer over the link to reveal its true destination, displayed in the bottom left corner of your screen. Beware if this is different from what is displayed in the text of the link from the email.
  • Do not respond to emails from unknown sources.
  • Check junk mail folders regularly in case a legitimate email gets through by mistake.

If you have any doubts about the validity of an email, contact the IT Service Desk