Phishing attacks targeted at university students

Over the last few weeks the University has been the target of increased email phishing attacks.

Phishing is the term used when an attacker sends an email pretending to be from a service provider (in this case the University). The email instructs the recipient to send their username and password on false pretext.

In more sophisticated attacks there is a link that appears official. The link, when clicked on, takes the user to a login screen that can look like an exact copy of the University of Auckland's official web login page.
This web location is not auckland.ac.nz and the site is not 'secure' (indicated by a padlock in the location bar).

university-website-official

The University will never ask you to verify your identity by email.

Key points to remember

  1. Please never send your password in an email.
  2. Be very suspicious of any email that asks you to click on a link that takes you straight to a login request (no matter how legitimate it looks).
  3. If you have the slightest doubt about any communications please contact the Student Support team on 0800 61 62 63.

We do our best to stop these messages reaching your mail boxes. Attackers are becoming more sophisticated in the tactics and approach they use, which unfortunately means that some phishing emails will get through.

Safe Computing guide

For a detailed guide of how to keep yourself safe online, visit Safe Computing.