National Cybersecurity Awareness month recently came to an end, but phishing emails never seem to.
According to Cal State LA’s Information Technology Security, phishing emails are sent to the recipient with the purpose of obtaining personal information such as usernames, passwords and financial account information.
Recently, with the email subject titled “MATTER OF URGENCY,” an example of a phishing email that was sent to Cal State LA students and staff this past September read:
Attention: User
To avoid cancellation of your account in the next 24 hours we advise you to click HERE to verify your email.
Warms regards,
Aceves Amberly,
IT Service Support (c) 2019.
In phishing emails such as these, the sender’s name often differs, but the IT Service Support signature is often there as an attempt to legitimize the fake request.
Information Technology Services (ITS) alerted the Cal State LA community via Twitter to contact the ITS Help Desk about any “suspicious email,” and urged students to share a post on social media to bring awareness.
Clicking the links on these phishing emails directs the recipient to a deceitful website or message that may seem legitimate.
To protect your account, a 2-Step verification tool is an option for students and staff looking to add an “extra layer of security.” This method requires a second identification method such as your phone, code, or another registered device to confirm your identity. According to ITS, even if someone gets ahold of your password, they cannot access your account if they do not have access to the device you registered the 2-step verification method with.
To familiarize yourself with phishing emails and to make it easier to recognize and avoid them, IT Security has a Phishing and Spam Archive with numerous examples of phishing emails. Some of the emails from the past two years use the logos of well-known companies such as banks and airlines.
IT Security also has a Phishing Email Do’s and Don’ts list, which includes a tip to verify whether an email is real or not by calling the company that supposedly sent it. However, don’t use the contact information provided in the suspicious email. Instead, get a hold of the company’s legitament number or email.
Students and staff are encouraged to contact ITS at (323)-343-6170, [email protected], or @mycalstatela on social media if they have received a phishing email or have clicked the emailed link the scammers provided.