Scam alert. Whaling and spear phishing emails - Be alert!

This article has been created with the employee in mind, in particular the Administration or Finance Teams.

Unfortunately, we are seeing a rise in phishing attempts that target individuals within organisations. These emails are designed to appear as normal internal communication and any staff in the management and finance area should be particularly mindful of the source of any fund transfer requests.

There are emails currently circulating where the senders name is being forged (spoofed) so as to appear to be from a legitimate and familiar name, the following is an example of how such an email header appears:

Scam emails message

On close examination you will note that there is a “Reply-To” field below the “Subject” that shows the real senders email address. Also note, that the "Reply-To" field may not show. Therefore it is also important to always check once you hit reply and before you send, that the reply email address is the email address you intend to send to (that is it doesn't change to an unknown suspicious email like the one above).

These emails are Phishing attempts designed to make you believe a request for funds or information is from a genuine and trusted source. To learn more or to report this type of activity, visit the Australian Government Scam Watch Website.


Please be on the lookout for these type of scams and be suspicious of emails requesting funds or information – if in doubt please contact the IT Helpdesk on 1300 89 22 00 or, in less urgent cases, forward the email to requesting an assessment of the legitimacy.

Please feel free to write or call 1300 89 22 00 with any questions.

Warm regards,

The ITConnexion Team