Greetings Campus Community,
October is internationally recognized as Cyber Security Awareness Month, an annual initiative to raise awareness about the importance of cybersecurity. To support this important public awareness campaign, Technology Services will be sharing our experience and good practices.
This week’s message concerns Phishing. Phishing is a serious matter! Fresno State employees and students are often targeted by phishing scams, which continue to become more and more sophisticated.
What Is Phishing?
Phishing is an attack that aims to collect sensitive information by posing as a trusted sender. It starts with an email where the attacker uses social engineering, a technique attempting to trick you into taking an action. The goal of phishing is to obtain sensitive information, install malicious software, steal your login credentials (password) or access your computer.
How Does Phishing Work?
The attackers want you to:
- Open an attachment
- Click on a link (with or without a request to provide your password)
- Continue the conversation
Red Flags That Will Help You to Identify an Email Phishing Attack
- Sense of urgency
- Generic greetings
- Grammar and spelling mistakes
- Links with intention not to show apparent destination (e.g. "click here," URL shortening)
- Someone offering money
- Someone asking you to send them money in the form of gift cards, credit cards, etc.
What Should I Do?
If an email seems odd or too good to be true, it is most likely an attack.
- Be suspicious of attachments and only open those that you were expecting.
- Be suspicious of any email that requires "immediate action" or creates a sense of urgency.
- Be suspicious of emails addressed to "Dear Customer" or some other generic salutation.
- Be suspicious of grammar or spelling mistakes.
- Be suspicious with email coming from someone you know but not from their usual email address.
- Never answer requests for passwords, pin codes, etc.
I Received a Phishing Email!
How to react in case of a real phishing attack?
Technology Services will Launch Anti-Phishing Education Program
In the next few weeks, Technology Services will launch an anti-phishing education program. This educational program is part of our ongoing efforts to ensure that Fresno State is in compliance with federal and state law, CSU and Fresno State policies and to promote security awareness. The goal of the education and internal phishing exercises is to assist employees with avoiding phishing attempts and to reduce incidents at Fresno State. Additional information will be emailed out to the campus community sometime in the next week.
|