Spear phishing emails:

  • specifically target an organisation
  • usually claim to be from local IT support staff
  • ask people to reconfirm login details, including passwords
  • have a reply address which appears local, but the originator of the attack is located remotely
  • might ask you to visit a website via a link
  • may have basic language errors

You can recognise an email as a spear phishing attempt because:

  • University IT administrative/support staff will never ask for your password, or personal or confidential information
  • some of the sender information will look unusual (although you might not notice this immediately)

Report any spear phishing emails you receive to AskOtago:

Tel +64 3 479 7000 or 0800 80 80 98
Email askotago.it@otago.ac.nz

Send AskOtago an original copy of the email containing full header information. The header is located at the top of an email and includes the tracking information of the path an email took as it crossed mail servers.

Further information

Last updated 19/11/2018 10.12 AM
Did this answer your question?