You almost fell victim to a real phishing attack.

Luckily, this was only a simulated attack from CIMIC Group. Had this been a real attack, your computer and your account credentials could have been compromised.

What's phishing?

Phishing is a type of internet fraud that uses social engineering to:

  • compromise passwords, credit card numbers, bank account details and other confidential information
  • infect corporate networks with malware and ransomware that steal and encrypt data to hold it at ransom until a fee is paid

What now?

You should have already successfully passed security awareness training.

Review the "Be aware" guide to recognising and managing a potential phishing email located on our intranet.

Things to consider when looking for a phishing email include (but are not limited to):

  • is the email addressed to you or does it look generic?
  • were you expecting this email?
  • is the FROM field and the REPLY TO field the same or different?
  • does the sender email and company domain name look correct or suspicious?
  • does the email contain a link, asking you to click on to enter your credentials or validate who you are?

Look for the note!

You'll receive a note in Outlook if an email originated from outside of the Organisation.

If you suspect you have received a phishing email, please do the following:

  • do not open the email
  • do not click on any links
  • do not reply to the email, open any attachments, or share credentials
  • click on the “Report Email” button in Outlook

If you need any further information, please contact the ICT Service Desk.




Phishing caution
Cookies help us improve your website experience.
By using our website, you agree to our use of cookies.