Spam / Suspicious Emails

Email security and suspicious emails

SVI has recently experienced an increased influx of unsolicited or suspicious emails.

Students and staff need to be increasingly cautious of such emails, as they aim to steal your electronic identity and use it to compromise your personal information or access your computer system.

Get help first

If you receive an email that threatens to remove your account or makes you suspicious for any reason, report it to the IT in the usual way

What to do with suspicious emails

Follow these basic principles when dealing with unsolicited or suspicious email:

If an email looks suspicious, it probably is. If you do not recognise the sender, ignore and/or delete it
Never reply to suspicious emails
Never forward suspicious emails to others
Never send sensitive, personal or confidential information via email
Never click links in suspicious emails
Never click or download attachments in suspicious emails
If you're unsure, please contact IT

Never send your password or other sensitive information via email

Recently a suspicious email purporting to be from IT was received by some students and staff:

SVI IT will never ask you to send your password via email
SVI IT will never contact you from a SVI email address
Never click on a link in any email - copy or type it into your Internet browser
If you are unsure that an email is genuine, contact the sender to confirm that they sent it.

What does a suspicious email look like?

Recent 'phishing' scam emails have been received by University staff and students with the following subject lines: 

'Verify Your Unimelb Account Now'
'Confirm Your E-mail Address'
'Confirm Your Webmail Account'
'Dear Email Account Owner'
'Please Verify Your Email Address'

What parts of these emails are suspicious? Certain characteristics should give you an indication that something isn't quite right:  

Phishing emails regularly use the above words in their Subject line
Always be suspicious of emails asking to 'verify' or 'upgrade' your account
Using ALL CAPITAL LETTERS is generally frowned upon - it's an indicator that the email may not be legitimate
A threatening tone - phishing emails often give you an ultimatum: 'verify your account or permanently lose it'