Smishing scam targets ACU

If you thought cyber attacks only happened to other organisations, think again. A recent smishing campaign received by an ACU staff member proves it can happen to anyone.

What is a smishing campaign?

In a smishing (SMS phishing) campaign, a malicious actor targets individuals via SMS. They will often impersonate a senior staff member and ask the person to procure gift cards on their behalf.

What happened at ACU?

A staff member received an SMS to their personal number impersonating Vice-Chancellor and President, Professor Zlatko Skrbis. The staff member quickly identified the SMS as a scam and reported it to IT Cyber Security.

If they hadn’t, the impersonator would likely have requested the staff member to purchase gift cards on behalf of Professor Skrbis.

How to avoid scams

  • Gift card requests are one of the most common forms of scam. If anyone asks you to buy gift cards for them, verify their identity first by reaching out via a known contact method.
  • Know the signs of a phishing campaign.
  • Report any scams you receive to Scamwatch.
  • Report scams you receive on your ACU account to ACU cyber security via Service Central or using the Report Message button in Outlook if the scam is an email.

Well done to the ACU staff member who quickly recognised this as a scam and acted responsibly to report it to ACU Cyber Security.

The following slideshow controls change the content above and below. Information is displayed below the controls while video content plays above the video controls.

Service Central

Visit Service Central to access Corporate Services.

Other service contacts

Learning and Teaching
Request Something

Make a request for services provided by Corporate Services.

Request something
Knowledge base

Find answers to frequently asked questions 24/7.

See Knowledge Base