Phishing and Spam Alerts

What is Phishing?

What is Phishing?

social media safety

social media safety

Email Scams: Recognizing them

Phishing Image

Over time, phishing attempts have become more sophisticated with increased quality of imitating a genuine email. Be aware of these warning signs:

  • The message is unsolicited and asks you to update, confirm, or reveal personal identity information (e.g., SSN, account numbers, passwords, protected health information).
  • The message creates a sense of urgency.
  • The message has an unusual “From” address or an unusual “Reply-To” address.
  • The (malicious) website URL doesn’t match the name of the institution that it allegedly represents.
  • The message is not personalized. Valid messages from banks and other legitimate sources usually refer to you by name.
  • The message contains grammatical errors.

Types of E-mail Spam and Phishing

Phishing is the term for messages sent to individuals via e-mail or text message with the intent to fool unsuspecting recipients into providing personal information, such as user names, passwords and financial account information. They often employ social engineering tactics by creating messages that appear to be legitimate. These messages can also lure individuals to malware-hosting websites.

Spear phishing differs from phishing in that it targets a specific department, division or college, seeking unauthorized access to protected information. These messages allegedly come from IT support staff or other professionals in a position of authority from within the targeted department, division or college. As with phishing, these e-mails will attempt to trick users into divulging personal or financial information, or their credentials, or entice them into clicking on a link that could install malware on the computer.

E-mail spam are messages sent to many people, often simultaneously, that either contain web links to Internet websites that host malware or contain executable malware within the message designed to infect the computer when opened. These messages are also called junk e-mail.

Spoofing aims to trick users into taking actions that that aren’t in their best interest. For example, users might be tricked into believing false information or divulging confidential information, access authorization information, passwords, and other information. Spoofing can mean:

  • Impersonating a person, organization, agency or server without permission.
  • Faking the origin. The messages were allegedly sent from the administrators, but they were actually from intruders trying to steal accounts.

Phishing Examples

Open to view common examples of phishing and spam emails.

Below are the financial examples. 

phishing email message looks like an order from American Appliance with link to download malicious file
phishing email message looks like an invoice from Intuit with link to download malicious file

 

From: [email protected] [[email protected]]
To: Recipient
Subject: Amazon.com - Your Cancellation (XXX-XXX-XXXX)

Dear Customer,

Your order has been successfully canceled. For your reference, here's a summary of your order:

You just canceled order XXX-XXX-XXXX placed on June 21, 2017.

Status: CANCELED


_____________________________________________________________________

Thank you for visiting Amazon.com!
From: Traffic Police [[email protected]]
To: Recipient
Subject: Parking ticket #987111363

You received a parking ticket!


26-141 - Parking of motor car or otherwise obstructing fire lanes shall be forbidden at all times

TrialLaw Court appearance required

Parking ticket number information: PTD987111154


Parking fine

To pay your parking ticket, download your fine and choose one of 2 convenient ways:
1. Online
Pay online by Visa or Mastercard, $2 processing fee.

2. By phone (automated system)
Pay by Visa or Mastercard at XXX-XXX-XXXX

Best wishes,
Police Department.

 

 

phishing email message pretends to be from Wells Fargo
Reconfirm your calstatela Password   

 

You are required to reconfirm your password on   ma*****@calstatela.edu   as of 2018/07/23 05:04:42 to avoid email malfunction.

 

You have limited time to make this corrections to avoid calstatela Violation

CONFIRM PASSWORD

Review Messages

To stop separating items that are identified as clutter, go to Options.
This system notification isn't an email message and you can't reply to it.

Your Account Will Be Blocked!
[email protected]

Your Account will Expire, Wednesday, April 12th/ 2017
If you would like to continue using your Email Address,
[email protected]

Upgrade Your Account Now

 

You will lose your email address if you do not upgrade your account.

Upgrade is free off charge.

 

Thanks.
Mail service provider ! ©2017 All Rights Reserved

Disclaimer:
This email and any attachment thereto are confidential and privileged. If you have received it in error, please delete immediately and notify the sender. Do not disclose, copy, circulate or in any way use it. The information contained therein is for the intended address(es) only, if you reply, its at your own risk. Emails are not guaranteed to be secure or error free, the message and any attachment could be intercepted, corrupted, lost, delayed, incomplete or amended. Outlook.Inc does not accept liability for any damage caused by this email or its attachment.

 

Email account

calstatela.edu Server Congestion

Dear username,

calstatela.edu sever is holding (4) incoming messages because this your email [email protected] has not been verified. If you wish to keep using your email, kindly verify your account below.

Review & Verify your account

Note: Move this message to your inbox folder if you are having a problem with the above link.

You may not be able to access your email if ignored, this process takes few minutes only.

Thank you,
calstatela.edu Team
This e-mail has been sent to you by Office 365 to inform you that we were unable to verify your account details. This might be due to either of the following reasons:

1. A recent change in your personal information. (eg: address, phone)

2. illegal use of your account.

Due to this, to ensure that your email service is not interrupted, we request you to confirm and update your information today by following the link below

VERIFY

Office 365! Mail Product Management2
WebMail Portal+
Dear Customer, Thank you for using our verification system.

Click Here to Verify you are the true owner of this account.
NOTE: Please do not click the link more than once.

Ignorance Of this mail will lead to permanent lock.
Thanks.
Webmail copy;

 

phishing email message pretends to be from DocuSign
phishing email message pretends to be from DocuSign
phishing email message pretends to be from Office365
 

Greetings,

 

Interested in working summer school?  There is still time to apply!

 

We are seeking candidates to apply for a variety of classified positions for summer 2022. 

 

Attached please find the employment opportunities flyer for the following programs:

 

  • Summer School, TK-8, program (June 22 – July 22, 2022)
  • High School Summer Term (June 22 – July 22, 2022)

 

For a list of sites and to apply, visit https://summer.calstatela and sign in with your CALSTATELA email and password (SSO).

 

Thank you!

 

I am a staff here at the institution, a professor of Medicine shared a link for an interested student who might be interested in a PAID PART-TIME POSITION job to make up to $650 (USD) weekly,  Follow the link below for more info regarding the position -

 
CLICK HERE


 NOTE: THIS IS STRICTLY A WORK-FROM-HOME POSITION.

 Work at your convenience as a personal/assistant APPLY HERE  at $550 Weekly

Dear Customer,

Your order has been successfully canceled. For your reference, here's a summary of your order:

You just canceled order XXX-XXX-XXXX placed on June 21, 2017.

Status: CANCELED

____________________________________________________________________

1 "Wilkes"; 2003, Second Edition
By: Jasen Patterson

Sold by: Amazon.com LLC

_____________________________________________________________________

Thank you for visiting Amazon.com!

---------------------------------------------------------------------
Amazon.com
Earth's Biggest Selection
http://www.amazon.com-XXX-XXX-XXXX
---------------------------------------------------------------------

Email account

calstatela.edu Server Congestion

Dear username,

calstatela.edu sever is holding (4) incoming messages because this your email [email protected] has not been verified. If you wish to keep using your email, kindly verify your account below.

Review & Verify your account

Note: Move this message to your inbox folder if you are having a problem with the above link.

You may not be able to access your email if ignored, this process takes few minutes only.

Thank you,
calstatela.edu Team

 

Docusign

I shared a file with you via Docusign powered by OneDrive.

Please click Here

To view the docusign.Pdf above, Click and login using your email provider.

This is a secure file sharing platform and we protect customers from all sort of unwanted emails.

Thanks!

 

Your E-mail Needs Extension!!


Storage Space

Due to low E-mail Account quota, further incoming emails with high massage size above 10kb might be discarded until your email quota has been extended.

You have used 95% MB of 5G of your email account quota.
We advise you to Extend your account immediately, this service is completely free!

Click Here To Upgrade For Free To Extend your email account Quota Limits on mail Servers; this may cause your mailbox to be impaired or you may no longer receive emails with attachment.

Attention: Failure to do this will lead to Email Storage abuse and account termination. Once extension is complete, your email account will work effectively.

Phishing Email Dos and Don’ts

  • DO call a company that you received a suspicious email from to see if it is legitimate, but DO NOT use the phone number contained in the email. Check a recent statement from the company to get a legitimate phone number.
  • DO look for a digital signature/certificate as another level of assurance that senders are legitimate. Digitally signed messages will have a special image/icon at the subject.
  • DO adjust your spam filters to protect against unwanted spam.
  • DO use common sense. If you have any doubts, DON’T respond. Contact the ITS Help Desk if you have any questions.

  • DON’T open email that you have any suspicion may not be legitimate. If it is legitimate and the individual trying to contact you really needs to, they will try other means.
  • DON’T ever send credit card or other sensitive information via email.
  • DON’T click the link. Instead, phone the company or conduct an Internet search for the company’s true web address.
  • DON’T open email or attachments from unknown sources. Many viruses arrive as executable files that are harmless until you start running them.

What should I do?

Phishing emails are a scary thing to receive. Here are a few things you could do:  

If your email account is provided by Google or Microsoft, their clients have a reporting feature. as shown below: 

Report Phishing 1

If using Outlook App: 

Report Phishing 2

Cyber Security & Infrastructure Security Agency helps individuals becoming victims of phishing scams by gathered phishing email messages and website addresses by simply forwarding them the emaiil to them. 

 

Forward to:  [email protected]

You can mark the email sender as a scam or as a junk, your email provider will block off the sender address and move it to the junk list.

Image

If the email you recieved is a scam or a phishing email. Simply delete the email after you report the email. 

Do not panic, we recommend all of the following action to limit any risks:

  • Change password 
  • Run AnitVirus scanner 
  • Use two-factor authentication
  • Back-up your files
  • Check for transactions

Other Resources