San Diego State University

ROHAN Academic Computing

Phishing Scam Warning 


    
 
    

      
  
         
	Have you ever recieved an email that begins: Dear member,
	eBay member stoweart has left you a message regarding item #763489239845 
	View the dispute thread to respond.
	


	Or perhaps 
	Dear Valued Customer:  Our system requires further account verification.
	To restore your account, please 
	Sign in to Online Banking.
	  If so, you have seen phishing.
	


	Phishing 
	is electronic fraud that uses social engineering and fake websites.  
	Phishing
	scams typically use fraudulent emails that lead
	to spoofed websites designed to trick you into divulging personal information,
	such as account usernames, passwords, social security numbers, and credit card 
	numbers. 
	Universities, 
	banks, 
	eBay and 
	PayPal
	 are common targets.
	


	Universities are being targeted
	by hackers sending email posing as official mail from a university
	Help Desk, 
        and requesting your e-mail ID and password.	These
	attempts are very sophisticated, sending tailored messages to
	each individual.  They are well written and may include university
	logos and other identifying information.
	


	Legitimate surveys and email from SDSU will always have contact
	information for the department or group.  Do not fill out requests
	or surveys that do not contain a name with a phone number or
	email address to contact for questions.  If in doubt, contact
	the department or group and ask if the email is legitimate.
	


	SDSU email never comes from SDSU Team or Rohan Team,
	or asks you to update your account.  We will never request
	your password in an email.  You should never provide identity
	information (SSN, driver's license, login ID, password, DOB,
	etc.) to any individual over e-mail.
	


	Although the vendors of major browsers have added protection mechanisms, 
	you can learn to recognize phishing scams. 
	Firefox 2.x has added
	Phishing Protection
	to help identify web page forgeries.
	Click here to test it
	


	Microsoft has added an optional
	Phishing Filter in IE7,
	to dynamically warn users if they visit a known phishing site.  We suggest you turn it on.
	


	More information on phishing can be found at 
	Internet Fraud Tips, 
	Phishing and
	Spam Scams.
	


	Report phishing.  Tell the company or agency the phisher was impersonating.  You can
	also report the problem to law enforcement agencies through the Internet Fraud Watch
	www.fraud.org, the
	Federal Trade Commission,
	or CERT