By using this website, you agree to the use of cookies as described in our Privacy Policy.
Pulau Pinang, Malaysia
+604-6534400
https://sd.usm.my/enovate
Mon - Fri 08:10am - 17:10pm

Written on .

Peringatan Keselamatan ICT USM: Ancaman Serangan Phishing Melalui Emel

Assalamualaikum dan Salam Sejahtera,

YBrs. Prof./Datuk/Dato’/Dr./Tuan/Puan,

Peringatan Keselamatan ICT USM: Ancaman Serangan Phishing Melalui Emel

Pusat Transformasi Digital (PTD) ingin memaklumkan bahawa terdapat peningkatan percubaan serangan phishing yang dikesan melalui emel sejak kebelakangan ini. Serangan phishing merupakan kaedah penipuan dalam talian di mana penyerang menyamar sebagai entiti yang sah dengan tujuan memperdaya pengguna supaya mendedahkan maklumat sensitif seperti kata laluan, butiran peribadi atau akses ke sistem.

Bagi memastikan keselamatan data serta integriti sistem di USM sentiasa terpelihara, semua warga USM disarankan agar lebih berwaspada terhadap ancaman ini mengenalpasti ciri-ciri emel mencurigakan seperti berikut:

Ciri-Ciri Emel Phishing

  • Alamat penghantar tidak sepadan dengan organisasi atau kelihatan meragukan.
  • Kandungan emel meminta tindakan segera atau menggunakan nada mendesak.
  • Pautan (hyperlink) yang mencurigakan atau tidak sama dengan alamat laman rasmi.
  • Lampiran tidak dijangka, khususnya format berisiko seperti .zip, .exe, .sh, .ps1, dan sebagainya.
  • Kesalahan ejaan, tatabahasa, atau penggunaan bahasa yang tidak profesional.

Tindakan Yang Perlu Diambil

  1. Jangan klik pautan atau membuka lampiran daripada penghantar yang diragui, termasuk emel yang kelihatan datang daripada pengguna dalam organisasi yang berkemungkinan telah dikompromi.
  2. Jangan memberikan sebarang maklumat peribadi, terutama kata laluan, melalui emel.
  3. Laporkan segera sebarang emel mencurigakan kepada Infosec USM di This email address is being protected from spambots. You need JavaScript enabled to view it..
  4. Padamkan emel tersebut selepas laporan dibuat.

Untuk makluman, pihak PTD mahupun USM tidak akan sama sekali meminta kata laluan, maklumat akaun atau data sensitif melalui emel pada bila-bila masa.

Kerjasama serta keprihatinan semua warga USM amat dihargai dalam usaha memastikan keselamatan maklumat dan sistem organisasi sentiasa terjamin.

Kegagalan mematuhi peringatan keselamatan ini boleh mengakibatkan sistem serta maklumat organisasi terkompromi dan seterusnya menjejaskan reputasi individu dan institusi.

Sekiranya terdapat sebarang pertanyaan, sila berhubung dengan pihak Infosec USM.

Sekian, terima kasih.

Assalamualaikum and Greetings,

YBrs. Prof./Datuk/Dato’/Dr./Sir/Madam,

USM ICT Security Advisory: Phishing Email Threat Alert

Digital Transformation Centre (PTD) would like to inform all USM members that there has been an increase in phishing attempts detected through email in recent weeks. Phishing is an social engineering technique where attackers impersonate legitimate entities to trick users into revealing sensitive information such as passwords, personal details, or system access credentials.

To ensure the security of data and the integrity of USM systems, all USM staff are advised to remain vigilant and be aware of the following indicators of suspicious emails:

Common Indicators of Phishing Emails

  • The sender’s email address appears unusual or does not match the organisation it claims to represent.
  • The message contains urgent requests or attempts to pressure the recipient into immediate action.
  • Suspicious hyperlinks that do not match official website URLs.
  • Unexpected attachments, especially high-risk formats such as .zip, .exe, .sh, .ps1, and others.
  • Poor grammar, spelling errors, or unprofessional language use.

Actions to Be Taken

  1. Do not click on any links or open attachments from suspicious senders, including emails that appear to come from internal users whose accounts may have been compromised.
  2. Do not provide any personal information, especially passwords, via email.
  3. Immediately report any suspicious email to Infosec USM at This email address is being protected from spambots. You need JavaScript enabled to view it..
  4. Delete the email after the report has been made.

Please be reminded that neither PTD nor USM will ever request passwords, account details, or any form of sensitive information via email under any circumstances.

Your cooperation and vigilance are greatly appreciated in ensuring the continued security of the University’s information and systems.

Failure to adhere to proper security practices may result in compromised systems or data, and may negatively impact both individual and institutional reputation.

Should you have any enquiries, please contact Infosec USM (This email address is being protected from spambots. You need JavaScript enabled to view it.).

Thank you.

  • Hits: 280