ICT Services Secure IT Protect myself from phishing

Protect myself from phishing

Phishing is a relatively new phenomenon that commonly uses websites and email to steal confidential information such as credit card numbers, passwords and other information that can be used for financial gain.

Typical phishing attempts involves receiving an email on a particular topic of importance or interest such as wining a prize, taxation department refund, topical news story on a disaster or threat or to confirm financial information.

The email will often ask for some action to be performed, such as clicking on a link or providing some information.

For example:

Practical tips to identify phishing emails

  • Phishers may impersonate the sender making the recipient think that the original email was from a legitimate source. This could even be a JCU logo.
  • The subject usually requests some action.
  • There is usually an attachment or a link.
  • The purpose of the email is to entice the reader to client on the web link and login or provider other personal information. If you are in doubt, report the email to your services provider.

Practical tips to avoid phishing

Luckily, avoiding phishing can be fairly straightforward, and with some reasonable caution, becoming a victim can be avoided. Here are some practical tips:

  1. Do NOT click on a web link in an email or open an attachment in an email unless you know and trust the sender.
  2. Use your mouse to hover over links to see if they are genuine.
  3. James Cook University will never ask you for your password or information about your account via email.
  4. If you receive a suspicious attachment, you can submit it to third-party virus scanning products like Virus Total for analysis.

What to do if you've clicked the link? 

If you've already clicked the link and entered your details, the most important step to take is to change your JCU password immediately.

If you require assistance with changing your password or have any further enquiries then please contact the IT Help Desk.

Third Party Tools

A variety of publicly available tools are available on the internet to help you check phishing emails:

WebsiteHow it helps
https://www.phishtank.com/  Check a potentially malicious URL
https://www.virustotal.com/Check a potentially malicious file or URL
Check a potentially malicious URL Check a potentially malicious URL