Received a suspicious email? Here’s how to stay safe online


When Macquarie University staff member Andrew received an email from someone who appeared to be a colleague at the University, he did not think much of it.

“I clicked on the link in the email, which asked me to update my account details,” he says. “Before I knew it, hackers had my OneID password and other details.”

“Phishing is not only dangerous to organisations but also to individuals,” says Jeremy Koster, Information Security Manager at Macquarie University’s IT Department.

Phishing, in which a malicious communication attempts to obtain personal or sensitive information, is one of the most common cyber-attacks. Emails are often poorly worded, ask for a username and password, and provide a link that does not lead to an official website address like

“When criminals get access to valid usernames and passwords they may obtain access to confidential University information or even damage University systems,” says Jeremy.

He recommends taking the following steps when receiving a suspicious email:

  • Immediately forward the email to
  • Do not click on any links or attachments
  • Do not provide your OneID login details. Never share your password.
  • If you have provided your login details, reset your password at the staff password portal and let the IT Service Desk know.

For more information, see the Information Security and Acceptable Use of IT Resources policies.

Stay tuned for more cyber security tips during 2017.





Back to homepage


Leave a Reply

Required fields are marked *

We encourage active and constructive debate through our comments section, but please remain respectful. Your first and last name will be published alongside your comment.

Comments will not be pre-moderated but any comments deemed to be offensive, obscene, intimidating, discriminatory or defamatory will be removed and further action may be taken where such conduct breaches University policy or standards. Please keep in mind that This Week is a public site and comments should not contain information that is confidential or commercial in confidence.

Got a story to share?

Visit our contribute page >>