Phishing and Spam

What is Spam?

Spam is unsolicited commercial electronic communication, often delivered to a large number of individuals.

What should I know?

To reduce the amount of spam that you receive, follow these guidelines:

  • Do not display your e-mail address in public. This includes in chat rooms, on responses to news stories or blog postings and in online membership directories.
  • Be sure to read a Web site's privacy policy before providing your e-mail address, or other personal information. Some companies may sell your information.
  • When submitting a form online, be sure that you have read through all of the information and understand what you are signing up for. You may be able to "opt out" of receiving e-mails from the company, and/or the company's "partners".
  • Get more tips about how to reduce spam in your inbox from the Federal Trade Commission: You’ve Got Spam: How to "Can" Unwanted Email

Report Spam

If you get spam e-mail that you think is deceptive, forward it to spam@uce.gov. The Federal Trade Commission uses the spam stored in this database to pursue law enforcement actions against people who send deceptive e-mail. For additional information, visit the FTC's Spam Web site.


What is Phishing?

Phishing is an attempt to obtain personal and/or financial information from an individual through the use of e-mail links or pop-up boxes. These methods are often designed to look like they come from an "official" source in an attempt to trick the individual into providing sensitive data.

What should I know?

A legitimate institution will never ask you for any of the following information through any form of electronic communication:

  • your MySanDiego username and password,
  • your e-mail address and password,
  • your computer password,
  • your Social Security Number,
  • your mother's maiden name,
  • your bank account information, or
  • your bank PIN code.

Signs You May Have Received a Phishing Email:

  • Unofficial "From" email address
  • Urgent action required - examples: "Your account be locked out if you don't update your password", "Your account needs attention", "Your account has been compromised" 
  • Generic greeting - examples: "Dear member, Dear Customer.
  • Link to Fake website - always hover over the link to see the actual website address. (see video below for more examples)
  • Legitimate links mixed with fake links - examples: university.sandiego.edu is a fake link vs. the legit link sandiego.

 

Examples of Phishing emails:

Latest Example: Phishing email sent out to campus on 07/02/2017 regarding merit increase. Payroll will never send emails regarding merit increases or emails with links to financial information. Please see example below.


phishing-Merit

 
Slide12 slide11
 
 
slide9Slide8
 

Report a phishing attempt

If you receive an e-mail requesting information from you and are unsure of the legitimacy of the e-mail, do not respond to the e-mail. Report any concerns to: help@sandiego.edu or call us at x7900

You can also report phishing e-mails to the Anti-Phishing Working Group, a volunteer organization that maintains a repository of phishing scam e-mails and Web sites to help people identify and avoid being scammed in the future.