Dear KAUST Community,
KAUST Information Security teams have identified a noticeable rise in highly sophisticated phishing campaigns targeting individuals through email. These scams often impersonate airlines, embassies, and consulates, exploiting uncertainty about international relations, travel regulations, and security updates.
Cybercriminals are leveraging urgency and confusion to trick recipients into revealing sensitive information or making fraudulent payments. The KAUST community is encouraged to remain vigilant and review the warning signs below.
📢 What to look out for
1. Urgent threats or demands
Messages may claim that your travel documents have been revoked, or that you must pay an immediate “processing fee” to avoid legal action or travel restrictions.
2. Suspicious sender addresses
Always inspect the sender’s full email address. Legitimate government communications typically come from official domains such as: .gov, .gov.uk, .gouv.fr
If the address looks unusual or unrelated to the organization it claims to represent, treat it with caution.
3. Unusual payment requests
Legitimate embassies or airlines will never request payments via gift cards, cryptocurrency, or third-party payment apps. Any message requesting these methods should be considered suspicious.
4. Malicious links and fake portals
Scammers may ask you to click links to “Verify your identity” or “Review new travel policies.” These links often lead to fake websites designed to steal login credentials or personal data.
🔎 Stay safe online
To protect yourself and the KAUST community, remember these key practices:
- ❌ Authorities will not request sensitive corporate credentials via unsolicited email.
- 🚫 Do not download attachments from unknown or suspicious sources.
- 🌐 Verify information through official websites by typing the address directly into your browser rather than clicking email links.
If you notice anything unusual, report it immediately using the right tools:
- Phishing Emails: Click the Phish-Alarm button in your email. Learn more
- Phone/Message scams: Use KAUSTCentral VerifyCaller to verify & report. Learn more
- Other Cybersecurity issues/concerns: Report via cyberincidents@kaust.edu.sa
Need assistance?
If you require further assistance, please feel free to reach out to us at askinfosec@kaust.edu.sa.
Information Security Department
