Subject:
How to Identify and Report Phishing Scams
Environment:
Fresno State University - Email, Google
Article Summary:
Fake emails, pop-up ads and phone calls are used to trick us into sharing personal information. If you see a pop-up message that your computer has a virus or someone claiming to be from technical asks for personal information, you’re likely the target of a scam.
Resolution:
Avoid Phishing Emails, Fake Alerts and Phony Support Calls
Phishing is the act of fraudulently obtaining personal information. Fake emails, pop-up ads and phone calls are used to trick us into sharing personal information. If you see a message while browsing the web that your computer has a virus or someone claiming to be from technical support calls and asks for personal information, you’re likely the target of a scam.
Please refer to the tips noted below to avoid phishing emails and scams.
Display Name Spoofing. Check the email address of the sender.
Fake emails display the name of a key contact or someone you know, but the email address is incorrect. Check the full email address rather than looking only at the display name.
At times, you can determine if a message is phishing or spam by closely looking at the sender’s email address. If the sender's email address is hidden, has a bunch of numbers in it or is from a domain (the part after the "@") you don't recognize, then the email is likely phishing or spam.
Pop-up Alerts or Ads
When you browse the web, you might see a pop-up ad or a page warning you about a problem with your computer. The pop-up might appear to be from a legitimate company, but is in fact a fake. These fake alerts and pop-ups are designed to trick you into calling a phony support number or buying an app that claims to fix the issue. Don’t call the number. Simply close the browser window.
Suspicious Phone Calls or Voice mails
Scammers use sweet talk and fear to pressure you into giving them information. Always verify the caller's identity before you provide any personal information.
Phishing Emails and Text Messages
Scammers use email that appears to be from legitimate companies to trick you into entering personal information. Never follow links or open attachments in suspicious or unsolicited messages. If you need to change or update personal information, contact the company directly.
Did you know?
- Emails from a VIP asking to do an urgent wire transfer or buy some gift cards are scams!
- No one from Microsoft or Apple is going to call you about your computer that has a virus!
- The IRS isn't going to call you and threaten legal action, unless you pay them using gift cards!
These signs can help you identify phishing scams:
- The message always has a sense of urgency.
- The message requests personal information, like an account password or credit card number.
- The message is unsolicited and contains an attachment.
- The message requests you purchase gift cards as payment.
- The message starts with a generic greeting, like “Dear customer.” Most legitimate companies will include your name in their messages to you.
Do not react to scare tactics.
All of these attacks rely on scare tactics to manipulate the recipient, such as lawsuits, computer viruses or missing out on a great interest rate. Don't fall for it!
Practice common sense.
If something seems suspicious it probably is and should be treated with caution. If you are ever uncertain, please contact the Technology Service Desk at 278-5000 for assistance.
How to report phishing attempts and other suspicious messages:
To report a suspicious email, forward the message to Technology Services – Information Security (reportphishing@csufresno.edu) - with complete information. This email address is monitored by the Information Security team, but you might not receive a reply to your report.
In Google Mail:
-
Open the message you would like to view
-
Click the three vertical dots " ? " next to reply
-
Select “Show original” - the original message will show in a new browser tab
-
Click the "Copy to Clipboard" button to copy the entire message
-
Close the browser tab containing the original message
-
-
Paste the copied text into the new message
-
Send the message
How to mark phishing and other suspicious messages as spam in Gmail:
Within Google Mail:
- On a computer, go to Gmail.
- Open the message.
- Click the three vertical dots " ? " next to reply.
- Click Report phishing.
Note: If you are using classic Gmail, click the Down arrow.
Visit our Information Security page for additional information on how to report phishing attempts or other suspicious messages.
Additional Information
Need additional information or assistance? Contact the Technology Service Desk at (559) 278-5000.
TAGS: Spam, phishing, G-mail, Google