Stay alert to cybersecurity risks

Recent cybersecurity incidents at ACU and in the higher education sector remind us of the importance of remaining vigilant.

Beware of emails impersonating ACU staff

Last week ACU was targeted by scam emails that impersonated ACU staff. The hackers posed as ACU staff members and contacted HR staff requesting their bank details be updated. Scam and phishing emails can take many forms. However, there are a range of red flags to help you recognise a potential scam email.

What to look out for

Look out for:

  • unusual sender email address
  • bad spelling, grammar or unusual phrasing
  • inconsistent branding or badly-formatted emails
  • unsolicited instructions to download software or click links
  • generic forms of address (e.g. ‘Dear user’ vs ‘Dear Bob’)
  • threats and a sense of urgency (eg. Take action today or your password will expire).

If you see a notification that an email originated outside of ACU, check the email address is legitimate and from someone you know and trust. Similarly, if you see a link in a suspicious email message, don't click on it. Rest your mouse (but don't click) on the link to see if the address matches the link that was typed in the message.

What to do if you receive a suspicious email

If in doubt, report any suspicious email via the ‘report message’ button in Outlook or submit a Service Central request with the details to the Cyber team.

Keep your login information safe

A recent cybersecurity attack on Deakin University highlighted the importance of keeping login information secure. Past and present student records at Deakin University were compromised after a hacker gained access via a staff member’s username and password.

How can you avoid risking student and staff personal information?

  • Use a strong, secure password or passphrase – this excludes you or your child’s birthday, your pet’s name, or that same lucky number that you always use.
  • Never re-use your ACU password for non-ACU systems.
  • Use Single-Sign-On wherever possible.
  • Change your password regularly and change it immediately if you suspect it has been compromised.
  • Don’t record your password and leave it lying about or share it with anyone.
  • Attend to any security prompts on your devices telling you to address a gap – seek advice from IT if needed.
  • Learn to spot a phishing attempt and always think before you click – your privacy and our students’ privacy is at risk.

Have any questions? Ask Privacy Coordinator Natalie Koppe at

You can also join the Cyber Security group on Workplace to stay informed of the latest news and tips.

The following slideshow controls change the content above and below. Information is displayed below the controls while video content plays above the video controls.

Service Central

Visit Service Central to access Corporate Services.

Other service contacts

Learning and Teaching
Request Something

Make a request for services provided by Corporate Services.

Request something
Knowledge base

Find answers to frequently asked questions 24/7.

See Knowledge Base