It is clear that we are experiencing a persistent and focused email phishing attack. If the past few weeks are any indication, we can expect to see more of these and they are getting more sophisticated. The most recent ones appear to come from our helpdesk and they use our campus graphics. It is only a matter of time before they start using our names. Don’t be fooled.
We are working with our spam filter vendor to improve their ability to detect and block these. Meanwhile, no matter how urgent a message appears, please do not fill out a form or go to a website to “update your credentials,” “increase your quota,” or deal with whatever situation they are emailing you about.
The campus will never ask you to provide your username and password in email or in a web form – except for the periodic campus password update. The campus password change URL is http://www.csusm.edu/password. If you are in doubt, type that into your browser instead of clicking a link.
If you get one of these phishing messages, you have a few options:
• If it came in within the hour, forward it (preferably as an attachment) to email@example.com. If it is more than an hour old, likely someone else has already reported it.
• If you are on campus or using Outlook, you can submit it directly to the spam filter. This helps them identify future versions of phishing and may help them block messages. There are instructions here: http://www.csusm.edu/iits/security/phishing/reporting.html
• If you are at home, or using Outlook Web Access or another email system, you can submit it to the spam services by right-clicking the message in your inbox and choosing “forward as attachment.” Send it to firstname.lastname@example.org. Then delete it!
• If you are not certain whether something is a phishing message, ask by contacting email@example.com or firstname.lastname@example.org.
The important thing is that you don’t give out your password!
Director and Information Security Officer
Instructional and Information Technology Services