Phishing

What is Phishing?

Phishing is an attempt to obtain personal and/or financial information from an individual through the use of e-mail links or pop-up boxes. These methods are often designed to look like they come from an "official" source in an attempt to trick the individual into providing sensitive data.

What should I know?

A legitimate institution will never ask you for any of the following information through any form of electronic communication:

  • your MySanDiego username and password,
  • your e-mail address and password,
  • your computer password,
  • your Social Security Number,
  • your mother's maiden name,
  • your bank account information, or
  • your bank PIN code.

Signs You May Have Received a Phishing Email:

  • Unofficial "From" email address
  • Urgent action required - examples: "Your account be locked out if you don't update your password", "Your account needs attention", "Your account has been compromised" 
  • Generic greeting - examples: "Dear member, Dear Customer.
  • Link to Fake website - always hover over the link to see the actual website address. (see video below for more examples)
  • Legitimate links mixed with fake links - examples: university.sandiego.edu is a fake link vs. the legit link sandiego.

 

Examples of Phishing emails:

Latest Example: Phishing email sent out to campus on 07/02/2017 regarding merit increase. Payroll will never send emails regarding merit increases or emails with links to financial information. Please see example below.


phishing-Merit

 
Slide12 slide11
slide9Slide8

Report a phishing attempt

If you receive an e-mail requesting information from you and are unsure of the legitimacy of the e-mail, do not respond to the e-mail. Report any concerns to: help@sandiego.edu or call us at x7900

You can also report phishing e-mails to the Anti-Phishing Working Group, a volunteer organization that maintains a repository of phishing scam e-mails and Web sites to help people identify and avoid being scammed in the future.