|
Recently, the Fresno State community was the target of phishing emails, fake alerts and phony support calls. Stay safe. If you see a message while browsing the web claiming that your computer has a virus, it’s likely a trick. If someone claiming to be from technical support calls and asks for personal information, you’re likely the target of a scam.
If you suspect phishing
Phishing is the act of fraudulently obtaining personal information. Fake emails, pop-up ads and phone calls are used to trick us into sharing personal information.
It’s not easy to detect phishing emails. In fall 2019, Technology Services is launching a campaign to raise awareness about phishing and to reduce the risks of phishing attacks to the campus community. Stay tuned for additional information.
Use the following tips to avoid phishing emails and scams.
Display Name Spoofing. Check the email address of the sender
Fake emails display the name of a key contact or someone you know, but the email address is incorrect. Check the full email address rather than looking only at the display name.
For example, two weeks ago, many campus employees received a fake email supposedly sent by our own President Castro. The spoofed display name was “joseph I castro”. Upon closer inspection, the sender’s email address “presidentjic.csufresno.edu@gmail.com” was clearly not a valid Fresno State address.
At times, you can determine if a message is phishing or spam by closely looking at the sender’s email address. If the sender's email address is hidden, has a bunch of numbers or is from a domain you don't recognize (the part after the "@"), then the email is likely phishing or spam.
If you see pop-up alerts or ads
When you browse the web, you might see a pop-up ad or a page warning you about a problem with your computer. The pop-up might appear to be from a legitimate company, but is in fact a fake. These fake alerts and pop-ups are designed to trick you into calling a phony support number or buying an app that claims to fix the issue. Don’t call the number. Simply close the browser window.
If you get a suspicious phone call or voicemail
Scammers use sweet talk and fear to pressure you into giving them information. Always verify the caller's identity before you provide any personal information.
Did you know?
- Emails from a VIP asking to do an urgent wire transfer or buy some gift cards are scams.
- No one from Microsoft or Apple is going to call you about your computer claiming it has a virus.
- The IRS isn't going to call you and threaten legal action. (Don’t ever try to pay the IRS with gift cards. That’s a scam.)
What to do if you receive a phishing email or text message
Scammers send emails that appear to be from legitimate companies to trick you into entering personal information. Never follow links or open attachments in suspicious or unsolicited messages. If you need to change or update personal information, contact the company directly.
These signs can help you identify phishing scams:
- The message always has a sense of urgency.
- The message requests personal information, like an account password or credit card number.
- The message is unsolicited and contains an attachment.
- The message requests you purchase gift cards as payment.
- The message starts with a generic greeting, like “Dear customer.” Most legitimate companies will include your name in their messages to you.
Do not react to scare tactics
All of these attacks rely on scare tactics to manipulate the recipient, such as lawsuits, computer viruses or missing out on a great interest rate. Don't fall for it!
Practice common sense
If something seems suspicious, it probably is, and should be treated with caution. If you are ever uncertain, please contact the Technology Service Desk at 559.278.5000 for assistance.
Visit our Information Security page for additional information on how to report phishing attempts or other suspicious messages.
Sincerely,
Technology Services - Information Security
|
