You are here:

Recognise phishing emails

What to do

Learn to recognise phishing emails and then report them.

Phishing emails used to be easy to spot, you had to look out for spelling errors, pixelated logos, and fake email addresses. With scammers becoming more professional, phishing emails can be harder to identify.

How to do it

Always ask yourself, am I expecting to receive this email? Most phishing emails are unsolicited. If you aren’t expecting it, be particularly careful.

Verify the information in the email. Go directly to the person, bank, business or department and check with them. Don’t use contact information provided in the email itself, use an email address or phone number provided on their official website.

You can also check by using Monash’s ‘report phishing’ button in Gmail, which will evaluate the email as safe, spam or malicious. See the report phishing emails section below for instructions on how to do this.

Why it matters

Scammers use email or text messages to try to steal your passwords, account numbers, or date of birth. If they get this information, they are a step closer to getting access to your email, bank, or other accounts.

Once they have access they could steal your money or data, install malware on your devices, or sell your information to other scammers.

Read more on cyber.gov.au:
- Phishing article
- How to recognise and report scams
Read more on Scamwatch:
- The Little Book of Scams, an educational PDF guide to learn about scams.
- How to spot and avoid scams
- How to help someone else who’s being scammed

Cyber Security at Monash University

Cyber Security at Monash University

Recognise phishing emails

What to do

How to do it

Why it matters