Week 3 - Report a Phish

Report a Phish

Report a Phish

Beware of phishing attacks and recognize when to report them. 

Phishing is a type of social engineering that often comes in the form of an email or text appearing to be from a trusted source but are, instead, from criminals attempting to trick you into divulging personal information. Even if the request looks genuine, be skeptical and learn how to spot a phish here.

Why Reporting Phishing Matters?

When you report a phishing attempt, you accomplish these critical tasks:

Helping to catch the cybercriminals

Protecting your community from being victims of the same phishing attack

Once a reported phish is analyzed, SDSU’s IT Security Office can take steps to mitigate the attacks early and efficiently. That's why it is critical not to just recognize - but also to report a phish. 

How To Report an Incident?

There are different ways to report a phish and other information security incidents. 

If you receive a phishing email, please forward the message to [email protected]. Do not attempt to open any links, do not download any attachments, and do not reply to the message.

After reporting to [email protected], you can report phishing directly to Google if you are using the Gmail interface by doing the following:
-Sign in to Gmail.
-Open the message you would like to report.
-Click the triple-dot icon next to “Reply,” located at the top-right of the message pane.
-Select “Report Phishing”.

If you believe that your system or account has been compromised, please report the incident to [email protected].

Visit the “Report an Incident” site for more information on reporting information security incidents.

signs of phishing 

Sample Phish

  • Urgency: The email creates a sense of urgency by stating that action is required "within 24hrs" to "avoid termination." This is a common tactic to rush the recipient into making a mistake.
  • Generic Greeting: The email does not address the recipient by name, often a sign of a phishing email.
  • Spelling and Grammar: The email has several grammatical errors and awkward phrasings, such as "Kindly indicate the two info logins as soon as possible." Legitimate organizations usually send out well-crafted messages.
  • Request for Sensitive Information: The email asks for usernames and passwords, which is a red flag. Legitimate organizations will never ask for sensitive information via email.
  • QR Code: The email asks you to scan a QR code, which is an unusual request and could potentially lead to a malicious website.
  • Vague Details: The email is vague about the "two different logins with two universities' portals," which could be confusing and likely prompt you to reveal information.
  • Threat of Loss: The email threatens that you will "lose all your emails associated with this account," another tactic to create urgency.
  • Mismatched Subject and Content: The subject mentions "SDSU UPGRADING EMAIL VERIFICATION," but the content talks about different logins with two universities, which could be inconsistent.
  • Unusual Signature: The email ends with "notex," which doesn't seem to relate to anything and could be a sign of a hastily constructed phishing attempt.