University students, faculty and staff are frequent targets of spam and phishing emails. While spam can be annoying, it's often harmless. Phishing, on the other hand, can put your personal information at great risk.
Expand | ||
---|---|---|
| ||
Spam is the electronic equivalent of junk mail. The term refers to unsolicited, bulk – and often unwanted – email. Phishing is designed to trick you into sharing personal information like usernames, passwords, basically anything that can be used to gain access to your identity and accounts. A cybercriminal creates an email or text message that appears to be from a trusted source (like a Cal Poly college or department, your bank, your employer, etc.). Most often, these messages urge you to act quickly and click on a link or open an attachment. They might falsely claim that your email inbox requires verification or will be shut down, or that you need to take some action to apply for a job or receive financial aid. If you follow through on the request, the cybercriminal can then use the information to con you out of money, compromise your email account, and use it to phish others. Spear phishing involves highly specialized attacks against specific targets or small groups of targets to collect information or gain access to systems. For example, a cybercriminal may launch a spear phishing attack against a business to gain credentials to access a list of customers. From that attack, they may launch a phishing attack against the customers of the business. Since they have gained access to the network, the email they send may look even more authentic, and because the recipient is already customer of the business, the email may more easily make it through filters, and the recipient may be more likely to open the email. |
...
Expand | ||
---|---|---|
| ||
If you have clicked through an email that you thought was from a legitimate Cal Poly sender and provided your username and password, then realized that it was not a legitimate website (perhaps the URL looks wrong), you need to change your password right away. You can do this by logging-in to the My Cal Poly Portal and going to the Personal Info tab. Then, go back to your inbox and report the email as phishing. If you use your Cal Poly email and password on any other online accounts (which is very risky), you'll want to change your passwords there too. |
...