Phishing Scam Warning
Have you ever recieved an email that begins: Your Order with Amazon.com or perhaps Chase Bank - Online Access Suspended. If so, you have seen phishing.
Phishing is electronic fraud using social engineering and fake websites. Phishing typically uses fraudulent emails that lead to spoofed websites designed to trick you into divulging personal information, such as account usernames, passwords, social security numbers, and credit card numbers. Amazon, banks, eBay, Facebook, PayPal and Universities, are common targets.
Universities are being targeted by hackers sending email posing as official mail from a university Help Desk, and requesting your e-mail ID and password. These attempts are very sophisticated, sending tailored messages to each individual. They are well written and may include university logos and other identifying information.
Legitimate surveys and email from SDSU will always have contact information for the department or group. Do not fill out requests or surveys that do not contain a name with a phone number or email address to contact for questions. If in doubt, contact the department or group and ask if the email is legitimate.
SDSU email never comes from SDSU Team or Rohan Team, or asks you to update your account. We never request your password in an email. You should never provide identity information (SSN, driver's license, login ID, password, DOB, etc.) to any individual over e-mail.
Although the vendors of major browsers have added protection mechanisms, you can learn to recognize phishing email scams. Firefox has Phishing Protection to help identify web page forgeries. Click here to test
Microsoft has a Phishing Filter in IE7 and IE8, to dynamically warn users if they visit a known phishing site. Click here to test
More information on phishing can be found at Internet Fraud Tips, Phishing and Spam Scams.
Report phishing. Tell the company or agency the phisher was impersonating. You can also report the problem through antiphishing.org, CERT, or www.ftc.gov.
