Phishing FAQ

Criminals are regularly sending phishing emails to some campus community members.

Phishers are criminals who attempt to impersonate an organization with whom you have an electronic account, such as your bank or Sonoma State University. They often attempt to deceive you into giving them your username and password, Social Security number, birth date or other sensitive information.

When should I suspect phishing?

  • When you did not expect the email, or the email claims to be part of a transaction that you did no initiate;
  • When the email contains obvious deviations from standard practice, such as when the To or From addresses are incorrect or missing, or when the message contains poor spelling and grammar, generic greetings or incorrect information;
  • When the email contains threats, requests for money or sensitive information, or offers that seem too good to be true;
  • When, upon hovering over a link the target URL either does not match the displayed text, or is formatted deceptively; (For example,
    ht⁠⁠tp://ww⁠w.sonom⁠a.ed⁠u.examp⁠le.c⁠o⁠m/
    and
    ht⁠tp://www.sonoma.edu.ed⁠u⁠@⁠example.com
    are links to example.com and not to sonoma.edu) or
  • Any other time when something just does not look right to you.

Cofense offers a handout at PhishMe: How to spot a Phish with additional tips on how to phishing attempts.

What should I do when I suspect an email may be phishing?

  • If you are unsure whether an email is legitimate, verify the contents of the message with the corresponding institution. Do this online by typing the URL yourself, or offline by calling them with a phone number known to you, not with any information from the email itself.
  • Report spam and phishing emails to Google and reduce the number of malicious emails you will receive in the future: Mark or unmark Spam in Gmail
  • Never respond to a spam or phishing email. Responding just confirms that your email address is valid and you will find yourself getting more spam than ever.
  • Never click on any links that look suspicious. The safest way to access your bank's website is to open a new web browser and type in the URL yourself (for example, www⁠.example⁠.com).
  • Never open attachments in emails that look suspicious. This is a very common way for computers to get infected with malicious software, or "malware," that can observe your behavior, steal information or passwords, cause additional advertisements to appear when browsing the web, or even use your computer, without your knowledge, to perpetrate further criminal activity.
  • Never provide account credentials and passwords through email.
  • SSU IT will never ask you for your username and password in an email.