Skip to Content

Safe email practice

  • Phishing emails with un-safe links

    We all send emails on a day to day basis. Some emails have links which can take us to unsafe sites. Do you know what a dodgy link looks like? We all need to be wary of dodgy links which can put us at risk.

  • Not all URLs that appear safe really are

    Everyday, we get a torrent of emails. Not every email addressed to us is safe. Some of these emails have URL links which take us to dodgy sites. They can compromise our computer and our personal details. It’s important that we keep a lookout for bad URLs


From time to time, we all received phishing emails trying to deceive us to visit unsafe websites or download a malicious link. Some of these phishing emails even threaten to hold people to ransom by using compromised data they have found online by using target victim's previously compromised online data information. Learn more about different phishing methods below so you can identify between safe and phishing emails.

Deceptive phishing - Impersonating a legitimate company in an attempt to steal personal information and login credentials credentials

Spear phishing - Customised attack emails with personal details such as name, email address, phone number to trick you into thinking they know who you are, to lure you into clicking on unsafe attachments or links in the email and lure to click on attachments/link in the email

CEO fraud - Using stolen credentials to pretend to be an organisation's CEO to authorise the transfer of funds to a financial institution of their choice and pretend as one to authorise funds transfer to financial institution of their choice.

Pharming - Directory Name Server attacked to change the IP address of legitimate website changed to redirect you to an unsafe website without your knowledge redirect user even with correct website name. Only connect to websites with valid HTTPS (the green padlock).

Vishing - Voice phishing - received a call with voice message act as communication from bank/Telcom and request to enter PIN

  • Bitcoin blackmail

    A popular phishing scam is to blackmail victims demanding the ransom be paid in bitcoins. Do not respond to the scammer in any way. The scammers do not have the information about you that they claim to have.

  • Phishing email to get your university account details for Library / research resources

    Did you know that your library account never expires? If you get an email asking to reset your password for library access, delete it! It is a phishing email trying to scam you into giving potential hackers your login credentials. Monash University will never ask you to verify your account details via email. Check out more on how this recent popular attack has been spreading among targeted universities and how the stolen credentials are being used.

  • Are you available? phishing email

    This type of phishing email is considered as Spear Phishing. The attacker uses the publicly available information such as first, last names and email of Leadership Team members in the faculty from University. Pretending to be the leader of the faculty and asking a favour example; buying gift card for last minute arrangement. It is always worth checking the "from" field of email address to ensure if it is from the legitimate person, as well as verifying from different communication channel such as calling landline directly. Learn here for more real-like email scam and how to avoid them.

Play video