CSUN faculty and staff continue to be targeted by fraudulent email messages. We are taking actions to help reduce the effects of these "phishing" email attacks. As an example, CSUN implemented a solution that checks incoming email from off-campus accounts with web links with fraudulent characteristics. If the solution detects fraudulent characteristics, and the user clicks one of these links, they will be directed to a page indicating the website has been blocked. CSUN also implemented a solution that specializes in detecting and preventing incoming phishing attacks from non-CSUN email addresses has been implemented and now blocks approximately 60,000 fraudulent messages every month.
Despite taking preventive measures, phishing email attacks continue to be sent from compromised faculty and staff accounts. The best method to prevent these attacks is to never enter your CSUN user ID and password in response to an email request.
Characteristics of a phishing email
It can be very tricky to identify a phishing scam, but here are some common traits:
- Ask for sensitive information (e.g. click here to verify your username and password)
- Ask you to download something (e.g. click here to get the necessary virus update file)
- Contain spelling and/or grammatical errors (e.g., thank you, from trusted administrator)
- Threaten you (e.g. do this or else your account will be deleted)
- Contain suspicious web addresses/URLs (e.g. visit the CSUN page by visiting: http:// www. csunorg31.com/account)
- Contain unexpected/inaccurate content (e.g. you've exceeded your email quota)
- Are generically addressed (e.g. dear CSUN customer)
- Expresses an urgency (e.g. you must click here immediately to avoid having your account terminated)
View Phishing Examples.